Blog | Charles IT

Best practices in password management

Written by Foster Charles | Oct 15, 2019 10:18:32 AM

Passwords will always be relevant. Think of them as virtual keys to your home online. Hackers have tens of thousands of generic or popular keys on hand for launching brute force attacks, so using unique passwords remains vital to maintaining the security of your online accounts. Moreover, you should take all the necessary measures to prevent people from stealing your passwords. And in case these do get stolen, having additional identity authentication requirements will further protect your accounts.

According to a report, 80% of hacking-related breaches are still linked to compromised, weak, and reused passwords. However, having many strong passwords is often difficult to handle and can lead to an increase in password resets (and/or some other problem related to managing strong passwords).

What are password managers?

As a business owner, you need to ensure that all the passwords used within your organization are long, strong, complex, and used only for one account. That’s where a password manager comes in. It remembers all your online passwords for your email accounts, mobile apps, and other work-related and personal accounts. All you really need to remember is the single “master” password that unlocks the password manager.

The best password managers allow you to import your password from other sources including your computer’s browser. This is important if you hold tons of account passwords you don’t want to manually input each time you log in.

 

Download our free eBook!

Our free eBook, 3 Types of Cyber Security Solutions Every Business Needs Today gives an insight on what fully supported cyber security solutions look like in practice.



How can you make the most out of password managers?

With today’s rampant data breach incidents, you must take the security of your passwords and your customers’ passwords very seriously. To do this, you need a plan that incorporates password management best practices. Here’s what you can include:

Access control

This allows you to restrict access to vital password information on a “need to know” basis. The most common type is “role-based access control,” which allows you to define broad roles based on a set of password permissions and then assign users to those roles. The purpose is to simplify password security and manage the password permissions of a broad set of users at once.

 

Auditing function

 

This feature of password management involves checking that everything in the system is as it should be. It must include:

  • A way to check who has accessed stored passwords
  • A way to check that stored passwords meet complexity and compliance rules
  • A way to check if stored passwords match what is being used on systems and services
  • A way to inform those with authority when something is amiss or goes against the password management process

 

Automation

 

With this function, you can make sure to never forget necessary procedures, such as deleting passwords of an employee as soon as they leave your company. Password change automation will help you block access to your client’s systems, applications, and networks, as well as:

  • Automatically change passwords when required
  • Automatically alert admins when a password requires manual intervention to be changed

If you’re looking for a better way to improve the security of your customers’ valuable data and your own for that matter, you can start by deploying password security policies and password management. Additionally, with the help of a trusted managed IT services provider (MSP) like Charles IT, you’ll find the best password security solution that will ensure stronger protection against unauthorized access. Call us today to learn more.