Password Management Best Practice
Employees can be a company’s greatest asset, but they remain the weakest link in terms of cyber security. An online security survey conducted by Google identified that a whopping 65% of people use the same password for multiple or all accounts. This means your employees could be using the same password to access your corporate resources that they also use on their personal Facebook, LinkedIn and other sites!
Nearly every day the news headlines include yet another security breach where data including email addresses, passwords and/or credit card information has been exposed. Has your account information already been compromised? It is likely, as over the years Adobe, LinkedIn, Evite, and other popular sites have been breached.
If you are using the same breached password, or a variation of it, elsewhere, a bad actor can use the breached password to gain access to those other sites.
Best practice would be to have a complex, unique password for each site. That is way too much to remember and it really is not practical. The solution would be to use a password manager. A password manager will generate, retrieve, and store unique random passwords across your accounts for you. In addition, a password manager can protect other information like PINs, credit-card numbers and associated three-digit CVV codes, answers to security questions, and more. Password managers store this information in an encrypted database locked behind a master password that can be further protected by multi-factor authentication.
Beringer recommends 1Password [www.1password.com]. Below are some features of 1Password that we love:
- Your Master Password protects your data on your devices. Only you know your Master Password: it is never stored alongside your data or sent over the network. It protects your data if someone has access to your device.
- Your Secret Key protects your data off your devices. Your Secret Key is created locally on your device. It’s combined with your Master Password to authenticate you with the 1Password hosted service and encrypt your 1Password data.
- Secure Remote Password protects your data in transit. 1Password uses SRP to authenticate your credentials without sending them over the Internet. It also encrypts all traffic sent to the hosted service.
- Alerts you to security breaches. Watchtower alerts you about password breaches and other security problems with your 1Password items.
- Protects you from phishing. You can fool a human, but you can’t fool 1Password. It only fills your account details on the sites where you saved them.
- Only works in verified browsers. 1Password only fills your details after it verifies that your browser has been signed by an identified developer.
- Removes secrets from your clipboard. To prevent people or clipboard tools from learning your secrets, 1Password regularly removes item details from the clipboard.
- Protects your data from keyloggers. 1Password uses secure input fields to prevent other tools from knowing what you type in it, including your Master Password.
- Always requires your input. To protect your data from shoulder surfers and browser-based attacks, 1Password only displays or fills data when you tell it to.
- You can have multiple vaults. One for your use and one to share with the team.
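The "Protects you from phishing" item above comes down to comparing the page's origin with the origin an item was saved on, instead of trusting how the address looks to a person. The sketch below is an added example, not 1Password's code; the vault entries, the `.test` URLs and the function names are constructed for illustration, and it assumes a strict exact-origin match over HTTPS, which may differ from the matching rules the product actually applies.

```javascript
// Added illustration: origin-bound autofill. Not 1Password's actual code.

// Constructed sample vault: each item remembers the URL it was saved on.
const vault = [
  { title: "Example Bank", savedUrl: "https://login.examplebank.test/", username: "alice" },
  { title: "Intranet", savedUrl: "https://intranet.corp.test:8443/", username: "alice.w" },
];

// Reduce a URL to its origin (scheme + host + port). Returns null when the
// string is not a parseable https URL, so plain-http pages never get a fill.
function originOf(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return null;
  }
  if (url.protocol !== "https:") return null;
  // The URL parser lowercases the host and excludes userinfo, path and default port.
  return url.origin;
}

// Return the vault items that may be offered on the page the browser is showing.
function itemsForPage(pageUrl, items = vault) {
  const pageOrigin = originOf(pageUrl);
  if (pageOrigin === null) return [];
  return items.filter((item) => originOf(item.savedUrl) === pageOrigin);
}

// Constructed page URLs: the genuine site plus addresses a person might misread.
const samples = [
  "https://login.examplebank.test/signin",           // genuine
  "https://LOGIN.ExampleBank.test/signin",           // genuine, different case
  "https://login.examplebank.test.phish.test/signin", // real name used as a subdomain
  "https://login.examp1ebank.test/signin",           // digit 1 in place of letter l
  "https://login.examplebank.test@phish.test/signin", // real name in the userinfo part
  "http://login.examplebank.test/signin",            // no TLS
];
for (const page of samples) {
  const titles = itemsForPage(page).map((item) => item.title);
  console.log(page, "->", titles.length ? titles.join(", ") : "no fill offered");
}
```

Only the first two sample addresses are offered a fill. For staff, a login page where the password manager offers nothing is a cue to check the address before typing a password by hand.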
So, don’t delay making your accounts secure. If you do not already have a password manager, sign up for a business account at www.1password.com, which includes free family accounts.
Beringer Technology Group is always here to provide expert knowledge in topics like these. If you have any other questions, contact us today to learn more!
Beringer Technology Group is a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution. We also provide expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing and Unified Communication Solutions.