On average, business users have to keep track of more than 190 passwords, according to Security magazine. Since remembering that number of passwords can be an impossible task, many people use weak passwords or re-use the same password over and over again. Others prefer to use their browsers' autofill feature to store their login credentials and automatically fill them in when they visit a site.
If this sounds familiar, it's important to understand that these practices could put your business at risk, since hackers are always looking to exploit easy-to-crack login credentials to gain access to credit card information and other sensitive data. Even autofill features have proven to be less than secure, as Wired points out, because fraudulent sites can impersonate authentic sites and steal user names and passwords.
A password manager is an application that stores all your passwords in a digital vault that's protected by one unique master password. It's highly secure: using AES-256 encryption, which is also used by the U.S. government for the transmission of top-secret information, according to TechRepublic.
In addition to storing passwords, a password manager can generate strong passwords that are long, random combinations of letters, numbers and special characters. Some password managers offer the option of storing documents such as tax files and other sensitive data. Cloud-based password managers sync data between devices, meaning that all the login credentials you store on your desktop computer are also stored on your laptop and phone.
Now that you know the benefits of using a password manager, what should you look for when selecting one? Here are some important factors to consider:
- Since a cloud-based password manager stores all its data in the cloud, it may be less secure if there's a breach.
- A local password manager stores passwords on the device itself. It isn't vulnerable to cloud breaches, but if someone gains access to the device and your master password, it's no longer secure. In addition, it doesn't sync between devices.
- For an added level of security, look for a password manager with two-factor authentication.
- You can get password managers that are specifically designed for team use.
- For maximum convenience, look for an application that allows you to import passwords from your browser, so you don't have to re-enter all your data manually.
- If you want to store business documents in your password manager, consider how much storage capacity it offers.
- Some password managers send site breach alerts if sites that you access have been compromised.
- Automatic password changing allows you to regularly change passwords without having to do so manually.
- The app producer's security history is important, as bugs and breaches can compromise the security of your password vault.
When it comes to protecting your information, its better to be proactive than to wait until your login credentials are stolen.