Are password managers safe for businesses to use?

password managers

Nobody likes remembering passwords. When some of us have enough trouble remembering a four-digit PIN number, a long password filled with numbers and symbols can feel like an impossible task. Remembering several of these for different accounts is a herculean task – yet that’s exactly what many experts recommend. 

Password managers appear to offer an ideal solution. By remembering just one complex  password – for the password manager itself – you’ll have access to a range of passwords for all of your accounts. But are password managers safe for businesses to use, or do they pose an even greater risk to your cybersecurity?

What is a password manager? 

A password manager is a piece of software which manages your passwords for you. You create an account with the password manager, and it then generates a complex password whenever you create a new account, or update your password for an old one. This password is stored alongside your username, and pops up every time you use that site or application in the future.

As long as you keep your password for the password manager safe, it will ensure that all of your accounts are protected by a unique and complex password that’s nearly impossible for hackers to crack. It also ensures that you will never forget a password for a particular account, and makes this information both retrievable on individual websites and from a searchable database.

Password managers also often provide a number of other features. As a secure environment, password managers often come with the ability to save notes, payment and loyalty cards, addresses and other private information. Of course, all of this heightens the imperative that you keep the password manager itself safe, lest someone gain access to a treasure trove of data.

Are password managers dangerous?

The perceived risk of a password manager is that all of your private data is stored in one place. If someone did gain access to your password manager, they would be able to login to every account stored within it, as well as having access to any other data. This could potentially allow them to acquire personal information, make purchases, and more besides.

The main argument against this is that many people already use a single password for some or all of their online accounts. By doing this, you’re already putting yourself at the exact same risk of using a single password for your password manager. Moreover, the password manager is unlikely to allow you to use a weak password – something that can’t be said for the passwords that many of us use everyday.

The safety of a password manager ultimately depends on the sanctity of the password you use for it. By practicing good password safety principles, you can all but eliminate the risk of someone gaining access to your password manager. Namely, this means using a long and complicated password containing multiple letters, numbers and symbols. Alternatively, many security experts recommend using a long ‘pass phrase’ consisting of a whole sentence, but containing just a few numbers and symbols. This is often more memorable than a random string of characters, and equally difficult to guess.

The other thing to consider is that both your password manager and your individual accounts will generally have numerous other security measures. Many will not allow you to login from a new or suspicious IP address without confirming the attempt via email, text, or an authenticator app. They may also have other layers of security on top of your password, such as biometrics for banking apps, or additional account information.

This practice of multi-factor authentication (MFA) is becoming increasingly common for all kinds of account security. MFA means that even if someone did gain access to your passwords, they would need access to your phone or personal knowledge about you to actually login, or make any changes to your accounts. This is not to mention common features of password managers such as end-to-end encryption and role-based permissions, which add extra layers of security at every entry point.

Best password managers for businesses

Password managers are commonly used by both businesses and individuals, but the requirements for each are not the same. While everyone values privacy and security, businesses have to contend with a large number of people who often share access to the same systems, or even the same accounts. There are also other features of password managers specifically tailored to businesses, allowing for secure storage of other kinds of data. Here are just a few of the best and most popular password managers for businesses:

LastPass 

Perhaps the consumer password manager of choice, LastPass also offers a powerful enterprise solution. Available as an app or browser extension, LastPass’s familiar Vault interface and auto-generated secure passwords will be comfortable for experienced users, and easy to decipher for newbies. But the business version also offers single sign-on, analytics and multi-factor authentication to ensure the right people are logging in from the right places – and bulletproof end-to-end encryption to keep your data safe. 

Dashlane

A newer entrant to the market, Dashlane’s flexible offerings and broad feature set have made it LastPass’s primary competitor across multiple demographics. Its offering for businesses is equally competitive, with a cheaper ‘Team’ plan for SMEs and a ‘Business’ plan for enterprises. The Team plan offers analysis and account management from a handy admin centre, and gives all staff free premium personal accounts, while the Business plan adds advanced single sign-on functionality. The sleek interface and segmented spaces for business and personal data are the icing on the cake. 

Keeper

Keeper is among the most flexible and dedicated password managers for businesses, and comes in an array of plans for different sizes of organisation. All plans provide a separate, private account for each member of staff, along with access to a unique file system that allows folders to be securely shared with other users and teams within the business. With role-based access, configurable data policies for different silos and an excellent analytics platform offering detailed security audits, Keeper makes a strong case to be the business password manager of choice. 

NordPass

One of the newest password managers on the market, NordPass comes from good stock, having been created by the cybersecurity experts behind the popular NordVPN. While lacking some of the analytics and user management capabilities of its competitors, NordPass makes up for it with industry-leading encryption, and features including secure password encryption, biometric authorisation and optical character recognition, allowing for the easy storage of data such as bank details. A competitive price point and growing feature set makes this one to consider for small businesses. 

Whichever password manager you opt for, your business stands to benefit. In a world where password security is increasingly hard to guarantee, password managers offer an easy, convenient and safe solution – protecting valuable data while minimising the inconvenience to your workforce. 

Sota is one of the UK’s leading independent providers of professional IT services in Kent, including cloud computing, cyber resilience, connectivity, and unified communications. Having worked with countless businesses over the years, they are experts in their field, ready to advise and offer tailored solutions for each and every company.

Leave a Reply

Your email address will not be published. Required fields are marked *

2 × one =