Password management is of grave importance to any business, large or small. Having unsecured passwords can open up not only your business data and personal employee data to potential cyber threats, but also that of your customers. Protecting data should be your top concern as a business, especially if you handle financial information such as payment methods.
Managing passwords properly can be a bit of a challenge without the right tools. Writing down passwords on paper is an outdated (and dangerous) practice, and with pretty much every website requiring an account sign-up these days, you’d need quite a bit of paper to track all of your passwords. Let’s look at some better ways to secure your passwords properly.
Don’t Share Information
The first step to better password management is taking control of who shares information with whom. The fewer people that know your passwords, the better. It’s much more difficult to keep information secure when dozens of people know it. One slip from one person is all it takes to potentially expose all of your company’s precious data.
When it comes to passwords, make them available only to designated personnel. If you’re dealing with sensitive information, such as the company bank account passwords, 1-2 people should be sufficient. You wouldn’t want the entire financial team to know all of the bank passwords!
Be sure to set strict security protocols when it comes to passwords as well. Let everyone know that sharing passwords (even with others in the company) without authorization is a disciplinable offense, as it could potentially compromise sensitive company or customer information.
Use A Password Manager
One of the best tools available to businesses today is a password manager. A Password management software for business provides you with an easy, accessible means of storing, managing, and securing all of your company passwords. With a good password manager, you can control who has access to company passwords and from which device(s) they are accessed. Some of the best features of a password manager are:
- Random password generation
- Take notes on websites/passwords and store securely
- Automatically fill forms
- Rating system for new passwords
- Diagnose security issues
- Intuitive interface
- High-level encryption
These are just a few of the great features you can expect from a decent business password manager. Password managers are affordable tools, and many offer free versions! Business plans will usually only cost around a few dollars per month, so you can add a few more layers of security to your business for the cost of a cup of coffee.
Inform Your Employees
We all understand that passwords are important, but we’ve become desensitized over the years as to just how important a good password actually is. We have passwords for everything; bank accounts, social media accounts, online shopping portals, work logins, etc. After a while, we stop making good passwords and simply fill in things we’ll remember. This can include birthdays, addresses, or other numbers/letter combinations with personal meaning.
The next step to securing company passwords is informing your employees about the importance of password security. A compromised password is more than just a threat to the business and the information of your customers; it’s also a threat to everyone’s job. A targeted cyberattack can cripple a business, thus compromising everyone’s position. All because of one bad password or bad practice!
It’s a good idea to host a training session about the importance of password security, in order to update everyone and ensure that they’ve been informed. Be sure to practice good password security habits on a daily basis, and send reminders month-to-month to keep everyone updated.
Password Requirements
When employees create new passwords, you’ll want them to follow specific requirements so they’re not creating weak passwords. For example, you can use your password manager as a strength gage for new passwords. Anything that falls into the “weak” category would be an unacceptable password. Good passwords contain random combinations of numbers, letters, and symbols; not recognizable phrases or personal information.
Let’s compare a good password and a poor password.
Poor password: Greg19730
Notice how our employee, Greg, has used both his name and his birthday (1973). Greg assumed he would thwart any hackers by simply adding a zero to the end of his password, but this is actually a very common practice and doesn’t provide much extra security. 1s, 2s, and 0s are the most common characters added to the end of a password. While a password checker might rank this password as “strong” since it uses a combination of lowercase letters, uppercase letters, and numbers, the personal information Greg used compromises his account.
Let’s look at Abby’s password. Abby is the financial manager for the company, so her password needs to be even more secure.
Good password: #f0rC3R^jA@!4$*
Abby’s password is exceptionally strong. Note that it contains:
- No consecutive lower/uppercase letters
- Symbols
- The term “force”, a completely irrelevant phrase, spelled with numbers and letters (f0rC3)
- More than 11 characters
- No personal information
Conclusion
Your company’s passwords matter. Don’t’ take them for granted; set strict password policies, guide your employees in good password practices and creation, and utilize a password manager for maximum security. After all, it’s not just your information that’s at risk; it’s that of your customers as well.