Password management software is built using strong encryption methods and security practices, and is regularly reviewed by independent security researchers. The weakest part of password management software is most likely to be the master password that you choose.
Exploiting reused passwords is a common way for attackers to gain unauthorized access into your systems. The unique and strong passwords created by password managers are almost impossible to guess, making using a password manager a much safer option.
If you want an extra layer of security to your password manager, you can turn on two-factor authentication (2FA). That way, you’ll be notified if someone does try to log in to your account.
2FA for businesses
Choosing a password manager
There are several password managers available, including free and paid versions. Have a look at reviews online to see which one would work best for you.
When looking for a password manager, there are a few things to consider.
Each password manager has its own administrative controls for user or policy management. Look at the features offered under the different business plans available.
Some password managers offer features such as:
- dashboards to monitor usage across your organization
- user management options, such as multiple roles that offer different levels of access
- policy management, such as mandatory two-factor authentication or a restriction on who can reset a master password.
Cloud, local or browser-based password managers
The other consideration when choosing a password manager is whether it’s best for your passwords are stored on your local drive or computer, in the cloud or with your browser. Think about your ability to protect your own database of passwords on your computer, and the sensitivity of the passwords you have.
If you need to have a high level of security – if you have a lot of financial trading or banking account passwords, for instance – you may want to use a password manager that’s stored locally. Locally-based password managers store the password safe on your device, and can’t be accessed from other devices. If you regularly work on multiple devices, such as a work computer and a home computer, this might not be the best option for your business. You also need to back up these password managers regularly.
A cloud-based password manager suits most businesses, and has the convenience of being accessible on multiple devices. Some cloud-based password managers offer browser plugins, mobile applications, and desktop applications. If you have a mobile workforce who do a lot of work on laptops and mobile phones, these type of products may work for you.
Most browsers — like Internet Explorer or Chrome — have a built in password manager. You’ll see it when you log in to a site and a message pops up asking if you want the browser to save your password for you. While this can seem like a good option, it’s important to note that a built in password manager does not have the same level of encryption or security as other password managers. They usually store the passwords locally on your computer, meaning they can be easily viewed by someone if you leave your computer unattended or unlocked.