It seems passwords and their related vulnerabilities dominate our lives. This burden is compounded by the fact that we're taking on additional passwords at work. In our personal lives, our passwords our ours. But in the workplace, passwords often need to be shared among employees, authorized by seniority or division, and reset regularly.
Yet lazy password practices run rampant—from the office to the café. Employees use sticky notes affixed to their computer monitors. Restaurant owners use the same password for everything: payroll, accounting, online reservations. Small companies use a shared spreadsheet that's always out of date because someone forgot a password. Terminated employees still have passwords saved on their phones.
The risks associated with these behaviors never present themselves until it's too late—and the consequences can be dire.
But with sound password selection and regular changes coupled with the right password manager, businesses can know they're doing all they can to prevent a problem.
What is a Password Manager?
Before we get into a few recommended password managers, it's worth spending a quick minute to define exactly what a password manager is. A password manager is a piece of software that helps individuals and businesses manage, generate and encrypt what is responsible for more than 80 percent of data breaches: passwords. Some password managers are installed locally on your computer, phone or tablet. Others are cloud-hosted to facilitate anywhere, anytime access. The most universal aspect of virtually all password managers is the "one for many" rule. Essentially, you keep all of your passwords in a vault that is accessible only by a master password. This master password is usually long, complicated, and unretrievable from anywhere beyond your brain. In the context of a business that would, in theory, have multiple employees accessing a given vault, each employee would have his or her own account, powered by their own master password.
On to the recommendations...
Plenty of tech review sites have named 1Password best in class. The Business version of its product features simple access / revoke sharing, customizable groups and vaults, a comprehensive audit trail so you know who's shared what and when, two-factor authentication (that's when you get a text message to confirm your identity after attempting to login), and even free personal 1Password accounts for all your employees. Pricing ranges from $3.99 per month per user to customized enterprise plans.
LastPass touts many of the same features as 1Password. Most notably LastPass for Business offers robust admin controls like the ability for an admin to change an employee's password. This is particularly handy when an employee leaves on not the best terms. Pricing for LastPass for Business: $2.42 per user per month.
Other password managers worth checking out include...
- Dashlane has a great SmartSpaces feature that helps employees keep their work passwords separate from their personal passwords.
- Keeper focuses on auto-creating high-strength, random passwords.
- Sticky Password features biometric (fingerprint) authentication.
And remember! The best defense against password problems is... strong passwords!