Why You Should Use A Password Manager


Efficient, Convenient and Safe

With an increased number of accounts, and the necessity and prevalence of Multi-Factor Authentication (you know those little codes or text messages websites keep bugging you to enter), it’s becoming more and more critical to have a good password manager that is both secure and easy to use.

I’d love to say that “gone are the days of reusing a few passwords”. Unfortunately, that’s simply not true. Many people continue to use and remember a few passwords which they reuse across many different services.

With companies regularly getting compromised and their information leaked, the most damaging leak is often user login information. There are currently over 24 billion username and password combinations available on the dark web, and attackers leverage those to run “password spraying” attacks on all manner of things, especially those that are more popular and lucrative (banks, Facebook, PayPal, Amazon, Reddit, etc.).

“I use chrome/edge/safari/apple as my password manager—it’s fine.”

At a bare minimum, this is true. However, you should consider this:

The Apple Keychain is locked into… Apple. The Chrome password manager is tied to your Google account. Edge is tied into your Microsoft account.

Yes, you can run local copies of these, but that’s far scarier as you might lose all your passwords entirely. They also lack multi-factor authentication, and password management is not the core business of these companies. They are slow to iterate on features like passkeys, and don’t support password sharing.

What to look for in a good password manager.

This may differ a bit if you are looking for personal vs business. For business, my criteria for choosing a good password manager for my clients came down to this:

  • Single Sign On from Office 365 (Entra ID).
    This was one of my top criteria. If you can’t easily sign in to your password manager, you end up forgetting your master password, or worse, choosing an insecure one, and then you are locked out. The ability to sign in with your Microsoft account (or have it sign you in automatically from your Windows login) makes things much smoother.

  • Ability to share passwords with teammates.
    While it’s nice to say everyone should have their own account, that simply doesn’t always work. Being able to grant someone a login once, or share a common login can be hugely beneficial. Not doing it on post-it notes is a good plus as well.

  • Ability to help manage admin tasks for my clients and have multi-tenant management.
    My clients expect me to help them if they have issues. If I set them up with something I can’t manage or support, its value to me is basically zero.

  • Ability to re-assign a password vault to a manager should an employee leave the company.
    The circle of life in the business world: staff come and go, and you probably want that account password the employee set up that one time and forgot to share with everyone else.

  • Notifications for when a password is in the known password database.
    That 24 billion password number didn’t happen overnight. You will want to know when it’s time to change even a randomly generated password because it got leaked onto the internet.

  • Ability to ensure, and know, that employees are using secure/strong passwords for company-related accounts.
    Having a strength score or report that shows you which accounts have insecure or leaked passwords means you can be proactive about stopping that security hole.

  • Cross-platform support - Microsoft/Android/iPhone/Mac.
    So you can use your vault on any device you so choose. I’m not a fan of vendor lock-in.
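
One way the leaked-password notification and the password report described above can work, as an added example (not code from this post or from Keeper): the client hashes each vault password and sends only a five-character hash prefix to the breach service, a design used by public breached-password range APIs, then flags breached and reused entries. The corpus, the sample vault and all function names are constructed for illustration.

```python
import hashlib
from collections import defaultdict

def sha1_hex(password):
    # SHA-1 is only a lookup key into the breach corpus here, not password storage.
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

# Constructed stand-in for the breach service's corpus: hash -> times seen.
# The passwords and counts are made up for this example.
BREACH_CORPUS = {sha1_hex(p): n for p, n in
                 [("Summer2024!", 1200), ("password1", 90000), ("qwerty123", 45000)]}

def range_query(prefix):
    """Service side: sees a 5-character prefix, returns matching (suffix, count) pairs."""
    assert len(prefix) == 5
    return [(h[5:], n) for h, n in BREACH_CORPUS.items() if h.startswith(prefix)]

def breach_count(password):
    """Client side: the password and its full hash never leave the device."""
    digest = sha1_hex(password)
    for suffix, count in range_query(digest[:5]):
        if suffix == digest[5:]:
            return count
    return 0

def audit(vault):
    """vault: list of (account, password). Returns {account: [findings]} for flagged entries."""
    accounts_by_password = defaultdict(list)
    for account, password in vault:
        accounts_by_password[password].append(account)
    report = {}
    for account, password in vault:
        findings = []
        seen = breach_count(password)
        if seen:
            findings.append(f"breached (seen {seen}x)")
        shared = [a for a in accounts_by_password[password] if a != account]
        if shared:
            findings.append("reused on " + ", ".join(shared))
        if findings:
            report[account] = findings
    return report

# Constructed sample vault for the demo.
SAMPLE_VAULT = [("bank", "Summer2024!"), ("email", "Summer2024!"),
                ("payroll", "kT7#vQ9!mZ2$wL5x"), ("crm", "password1")]

if __name__ == "__main__":
    for account, findings in audit(SAMPLE_VAULT).items():
        print(f"{account}: {'; '.join(findings)}")
```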

After searching, I found several good candidates, but in the end I picked Keeper Security Enterprise with BreachWatch and have been impressed and pleased with their product.

You can check them out here:
Enterprise Password & Secrets Management | Keeper Security

Hunter Tech is here to help. Call us today at 825 415 6990 or email info@huntertech.ca.
