Wednesday April 29, 2015
It feels like it’s getting harder and harder to protect your accounts and information with secure passwords – and that’s because it is! Password security is a major priority for small business owners, but it’s not always clear how to create and store passwords in a way that is easy to manage but difficult to hack. Here are five of the most important ways experts recommend to keep your passwords secure, as well as some problems that are not so easily solved.
1. Never use the same password twice
It’s tempting to create one secure password to use for a number of important accounts. After all, it’s easy to remember one password. But this is a huge security risk! If one of your passwords is discovered, then all your accounts are compromised. Experts strongly recommend creating unique passwords for each account.
2. Create a long password, with a variety of characters
A study from Georgia Tech Research Institute recommends that secure passwords be at least 12 characters long. They should also contain both upper and lowercase letters, as well as numbers and symbols. In fact, most experts now agree that human-generated passwords are on their way out altogether, because passwords generated randomly by a computer are so much more secure. These passwords are difficult for outsiders to predict, but finding a way to remember them can be a major problem.
3. Files named passwords.txt or passwords.docx are easy to hack
Many people try to solve the problem of remembering dozens of long, complex passwords by creating a document where they are all saved for easy reference. We recommend you never give a file like this an obvious name, like password.docx, because hackers look for files names like that when searching for easy prey. Even without an obvious file name, experts tell us we shouldn’t save passwords in plain text format, or even in image form.
4. Sticky notes are not secure
How many of us still write all our passwords on sticky notes? Be honest. Passwords written on sticky notes kept on your computer screen or desk might be safe from online hackers, but anyone walking by could memorize or steal your password. Even if you think you know everyone who would see these notes, there’s no way to be sure your passwords are safe from discovery. Plus, with all the unique passwords for each account, your sticky note collection might become more of a burden than a help.
5. Don’t use email to share passwords
Sharing passwords among employees in a small business can be difficult, especially when they must be frequently updated. Oftentimes the only convenient way to communicate passwords is by email, but experts tell us that this is not secure. A password update is one of the most likely times for a security breach to occur, because dozens of emails might be flying around with subject lines like “new password” possibly alerting hackers.
What Does This Mean For Small Businesses?
How can a small business possibly keep track of all these long, complex passwords, if there’s nowhere safe to store them? How do you make sure that all your employees are practicing good password security? And what do you do when a password that is shared among a number of employees needs to be changed? And how do you control which employees have access to what passwords, without a lot of manual work?
If email isn’t secure, and writing passwords down isn’t secure, and word documents aren’t secure, how do you keep everyone on the same page?
Imagine an emergency situation: somebody quits your company and is upset. He had access to a huge number of passwords. If these passwords were easy to remember, you have no protection. Even if they were unique, long, and varied, if he had the passwords saved on his computer or in email folders, you are vulnerable. You would quickly find yourself sinking a lot of time and energy into damage control, frantically changing passwords to everything that individual could access. And then you’re left with the problem of updating your staff with the new passwords, which they may write down or save insecurely.
Dealing with a crisis like this could be expensive, time-consuming, and unendingly stressful. And if you follow password best practice to the letter, even day to day operations become difficult and frustrating. Employees spend more time than you may realize logging in and out of different accounts, and if you could save them a lot of time by implementing a solid password management solution. Often, despite your best efforts, it seems impossible to keep your passwords secure in a convenient way. And if every password isn’t secure, neither is your information.
There is a secure, convenient solution.
The AllProWebTools password manager provides an easy answer to the hard questions of password management in small businesses. It even eliminates the hassle of inventing and remembering new secure passwords. For each site you add to your list, the software can generate a unique, secure password. It then stores and remembers those passwords for you later in an easily searchable, highly secure database. You can even access your password list from any internet connected device, such as your laptop or smartphone.
Unlike other password managers designed for individuals or big corporations, the AllProWebTools version is great for small and medium businesses. It’s fully integrated with your business management dashboard – you don’t need a separate app just for password management. You can decide which staff members have access to which passwords by designating their clearance level, ranked from 1-9, and when you change a password, everyone else’s changes to match. You don’t have to send an email, and nobody has to write anything down.
This means, in the case of an emergency, you can easily delete one individual account from your AllProWebTools dashboard, and that individual loses all access. The generated passwords are long, and full of varied characters, making them almost impossible to guess or remember, so you can be assured that no one without access can remember them.
Your day-to-day password management doesn’t have to be stressful, difficult, or ambiguous. It’s hard to manage password security on your own, but the right tool can make it simple.