A study by Capterra on the password usage habits of British SMEs revealed that a third of users use the same password on all Internet sites. This represents an extremely high risk in the vulnerability of personal and company data.
In order to protect accounts, each one must carry a strong and unique password to reduce hacker attacks. With so many applications in daily use, it is impossible to remember every password. For this reason, it would be helpful to have password management software. But what is a password manager?
What is a password manager?
A password manager is a computer security system, a program that allows you to create unique passwords for each of your accounts, to store them in a safe place and to access them through an extension in your Internet browser or through an app. It can be used with your computer, smartphone or tablet.
With a password manager, your company can share passwords securely between employees, so you no longer have to write them down on paper, put them in a document or send them by email, reducing the risk of someone getting hold of them.
Security measures provided by password managers
Now that you know what a password manager is, here is a list of the security measures that they can provide to your business.
- Brute force attacks: In this type of attack, a hacker uses different techniques in order to decipher the password, so the longer and more complicated the password, the more difficult it will be to decipher. Using a password manager will protect you against this type of attack, as it allows you to generate strong passwords using random characters.
- Database code injection: These attacks are aimed at companies that manage a significant number of users and therefore have many combinations of emails and passwords in their databases. A while ago, Spanish company Freepik suffered one of these security attacks in which the data of millions of its users was exposed. A password manager will warn you if you use the same password more than once and will allow you to easily change it if it is compromised.
- Password theft: A password written down on paper, on a computer notepad or in another format is in danger of being taken by someone with bad intentions. The study on cybersecurity in SMEs carried out by Capterra reveals that 21% of users use documents or spreadsheets to save passwords. This security risk can be avoided by using a password manager that eliminates the risk by keeping the passwords in a secure encrypted location
The importance of using strong passwords when remote working
The situation with the Coronavirus pandemic has forced many companies to implement working from home, maintaining security in remote connections between companies and users has been a challenge. It is, therefore, vital to have security tools that allow connections to be protected and thus avoid vulnerabilities in the system.
Apart from this, it is advisable for companies to implement a password management policy, where the use of strong passwords is encouraged, and this is something that can be implemented by using password managers.
Functions of a password manager
It is important not only to know what a password manager is and what it does, but also to know how to choose one that suits your company’s needs. So you must take into account whether it meets these basic criteria:
- Ability to track password usage and generate reports: a function that allows you to monitor aspects such as who has accessed certain accounts, from which IP and for how long.
- Two-factor authentication: a feature that makes it possible to verify user access to the password manager, using at least two types of verification.
- VPN connection included: a feature that adds an extra layer of security when using the password manager from remote connections as it encrypts the communication. Specialised software is also available for this type of security.
- Password audit: a feature of the password manager that analyses which passwords are weak and suggests changing them.
So now you know what a password manager is and the advantages that they can bring to your company. But are they reliable?
Can a password manager be trusted?
Although they do not completely shield you against cyber-attacks, you can benefit from the advantages of a password manager. Here are two reasons why you can trust them:
- They avoid password reuse attacks. If a hacker gets hold of one of your passwords, they will not be able to use it on the rest of your accounts, as the password manager prevents you from using the same password on more than one account.
- They protect you against phishing, which is one of the most widespread techniques and puts many users at risk. In this type of attack, websites or emails are created that redirect you to a site with a design very similar to that of the company they want to impersonate by asking you to enter your access details.
All information on the Internet is vulnerable to some kind of attack and the implementation of a password manager does not mean that our passwords will always be safe. However, it is advisable to use one alongside other systems, as it adds one or more levels of extra security to the company’s data. Not having one can make the company more susceptible to a security breach, which can result in important losses for the company.