The majority of people reuse easy to remember, but weak passwords on most of the websites they visit. After all, how are you supposed to remember different and unique passwords for all the websites you use? Well, the best solution is to use a password manager!
Password managers store login information for the websites you use and help log into quickly without typing out credentials. They can also be used to store other sensitive information such as bank details. The protect your data via encryption, encrypting your password database with a master password — the master password is the only one you need to remember. This process scrambles data so that it’s tougher for hackers, cyber crooks and others to access your personal information, such as your bank card information.
The Risks of Not Having a Password Manager
If you reuse the same password for every site, rather than using a password manager, it is a much larger problem than most people realise. Due to the number of password leaks that occur annually from large and small websites it is imperative that unique passwords are used for each site.
In some cases, instead of reusing the exact same password every time, some people reuse an almost identical password for every account they make, with a small variation between each of them. That could be a change in one letter, a number or even an added symbol or uppercase character.
They do this with the thought that it will be safer than reusing the identical password repeatedly, which isn’t necessarily the case. For instance, doing this may make it difficult to remember which variation of the password was used for which account. Also, if someone has one variation of your password, they may be able to find the other variations that have been used through trial and error by learning the patterns you use.
For both businesses and individuals alike, having weak passwords is a sure-fire way to leave your systems and devices vulnerable. Even if your business had a top-of-the-line security setup, by using a weak password your systems would be left wide open to an attack.
Password leaks mean that people with malicious intentions can find your email address, password and username combination from one site, and try to use them on other websites. Any time you use the same login information on multiple sites, you are putting yourself at risk of having your information stolen. A leak on just one website could give hackers access to any, if not all, of your accounts, which would be detrimental to your online safety.
If someone can gain access to your email account due to a password leak, they could use password-reset links to access other websites that you have used the same information on. After gaining access to a user’s credentials, many hackers will log into their accounts to steal more of their personally identifiable information (PII) like their name, address and bank account information. They can then use this information to either steal money directly from the user’s bank account or even to steal their identity. Identity theft can lead to further financial losses or difficulty getting loans or employment.
The best way to prevent password leaks from being so harmful is to use unique passwords for every account you create. They should be strong, long and unpredictable, while also containing numbers and symbols so that they are as difficult as possible to reproduce accidentally.
Many tech-focused people tend to have a lot of accounts to keep track of, and even the average person has a multitude of accounts. Having strong passwords for each account is necessary, but it is likely that remembering each password is difficult without using some sort of system or solution. Using a password manager that generates secure, random passwords for you (and remembers them so you don’t have to) is the ideal solution.
Web browsers such as Google have password managers within them that are automatically available upon installation. You can use it to create and securely store your unique passwords, as well as have your details autofill when you revisit websites that Google has stored your information for.
There are a range of third-party options to choose from, such as Keeper, LastPass, 1Password etc. At Flyford Connect, we use and recommend Keeper, as it is secure and user-friendly.
Password managers all do the same job of saving, storing, and managing your passwords securely.
Without them, people tend to use sticky notes and spreadsheets to store their passwords, as well as reusing identical passwords numerous times. This can quickly become a security issue, especially if the ones that are being stored this way are for work-related things. As well as this, manual logins and IT helpdesk resets are common, with password sharing being unsecure also.
With a password manager, however, you can have random, high-strength, complex passwords automatically created for you, as well as having your credentials autofill for the sites you often visit. Sharing passwords becomes secure, with encrypted vaults keeping your passwords and details safe.
For Keeper, as well as other password managers, you only have to remember one unique password, which is known as the master password. This is the one that you will use to get into the manager itself. With the ability to set up biometrics (on mobile) and multi-factor authentication access, your information is kept even more secure.
Some useful features include a password generator where you can choose specific criteria for the passwords you generate. For example, if you need your password to be a specific length, to have no symbols, or even if you just wanted it to be long and complex, you are given the possibility to alter the length and content of the passwords that are generated.
We also suggest using a service that can tell you if your email address or phone number has been compromised. The two we recommend are, Have I Been Pwned, which is ideal for checking if your personal email address has been leaked, and Threat Status, which is a service for checking if your company’s domain email address has been compromised.
What If I Don’t Want a Password Manager?
If using a password manager isn’t suitable for your needs, or if you simply don’t want to use one, there are still ways to make sure that the passwords you create are unique and secure (just try to remember them without writing them down in an easy to find place). By following the formula below, you can easily create strong passwords without having to use third-party password managers.
How To Create Secure Passwords
It isn’t hard to create strong passwords once you understand the dos and don’ts. We have curated a list of the best tips for secure password creation below:
- A password should preferably be between 16 and 20 characters long.
- It should include a combination of letters, numbers, and characters, such as ! ? _ £ etc.
- Any given password should only ever be used for one account.
- Passwords should never include any of the user’s personal information. This includes their phone number, address, pets’ names and/or kids’ names, or birthdates as these are things that can easily be found out about a person.
- There shouldn’t be any consecutive numbers or letters in your password, such as “222” or “sss”.
- Your password should absolutely never be just “Password”. Ever.
- You should avoid making passwords that have repeating letters or numbers, such as abab1010.
An example of a strong password (created by a random generator) would be “Cartoon$-Duck-14-Coffee!-Glvs”. It is long, containing not only uppercase and lowercase letters, but also numbers and special characters. It is also unique, easy to remember, and difficult to guess.
If you want to check how secure your own passwords are, you can find out by visiting How Secure Is My Password.
Overall, having a password manager is the best way to keep your information and your customers’ sensitive information safe. Without one, you are risking not only your data and privacy (as well as that of your customers), but also your reputation.
As always, it is important to consult your IT team or an IT professional so that you can decide what is best for you or your business. If you would like to learn more about how password managers can help you to keep your business information safe, you can reach out to us to arrange an initial chat to discuss your business requirements.
You can contact us through the following: