Passwords are, in most cases, the first line of defense in a company’s security network. A good password can take even the best computers thousands of years to hack via brute force. In many cases, the breach occurs because of poor password management or practices, and using a poor password manager tool is one of those practices.
If your company is having trouble keeping track of passwords, creating good passwords, or simply needs an extra security feature, using a password manager can provide all of that and more. But, if you’re using a poor password manager, you’re just setting up more risk.
Let’s look at some signs that your password manager could be failing you, so you know when it’s time to make a switch.
1. You’ve Already Been Breached
If you’ve already had a password breach at your business, it’s safe to assume that your password manager is at least partially to blame. You can’t totally blame the tools at your disposal, as a tool is only as good as its user. Even if you have the best company password manager money can buy, if your employees don’t practice good password habits, you could be at risk anyway.
A password breach can be done in a few different ways, but dictionary attacks are among the most common. The software will cycle through millions of potential phrases, common words, and more. Most passwords contain common phrases or letter/number combinations, which makes dictionary attacks quite effective in some cases.
To better protect yourself against these attacks, you need to upgrade your password manager and start enforcing good password habits in your employee. Remember—it doesn’t matter how good your manager is if your employees are creating poor passwords and ignoring good habits.
2. No Password Generator
The best password managers have a great feature called a password generator. Simply put, this generator is responsible for generating secure passwords on the spot. Most password generators are easy to use, and create strong passwords that you can customize. You can choose the length, character combinations, and other details to create the perfect password. Then, your password will be saved (along with other credentials) inside your password manager’s folders for secure storage. These encrypted folders help keep your data secure and off of your personal system.
There are offline password managers as well, if you don’t want to use something that’s always tied to the web. The disadvantage there is, obviously, that you won’t have access to your passwords on another system or machine. Online password managers can be synced across multiple devices.
Using a password generator is a good option for when you have employees that don’t create strong passwords. With the press of a button, they’ll create new and secure passwords, and you can monitor and change credentials through your password manager.
A good password manager will help you with password maintenance. Passwords don’t retain their strength for years on end, and, in most cases, should be changed every 6-9 months. In some cases, businesses will require a password change every 30 days, and while this is inconvenient, a constantly changing password is much harder to crack.
Your password manager doesn’t notify you about old passwords, duplicates, and other maintenance? It’s time to move on. This is a crucial feature of a good password manager, and one that you’ll be grateful for when you have dozens of passwords to keep track of. Make sure whatever service you’re paying for is actually going to let you know when passwords are out of date! An old password is much more vulnerable.
4. You’re Paying Too Much
How much does your password manager cost the company each month? A good password manager won’t cost all that much, and for that extra (crucial) piece of cybersecurity, it’s worth it. But you want to be certain that you’re getting the value you deserve for your monthly fee. Does your password manager have syncing capabilities? Does it have a password generator? Does it provide good maintenance tools for your passwords? Making sure you’re getting a good deal is just as important as making sure you have the right tools in your arsenal to combat cyber threats.
5. You’re Using A Browser Password Manager
If you’re using the built-in browser password manager, you’re already putting yourself at risk. The bottom line is that browser password managers aren’t as secure, because they’re at the mercy of the browser’s security features. Hack the browser, and you’ve hacked all the passwords, credit card information, and other info that you can save on browsers these days.
Don’t use the browser password manager, especially for business. You need to invest in an effective, secure, and affordable password manager like Keeper to keep your passwords secure and maintained. Don’t settle for less when it comes to your company’s security!