The Power of Password Managers
SANS Institute puts on top notch security training.
They have a Monthly Security Awareness Newsletter called “Ouch!” that is short and easy to read.
Please share this with your family, friends and co-workers
Passwords are often one of the most painful and confusing security behaviors we teach people, and yet passwords are also often one of the greatest risks to most organizations.
Like most people, you likely find creating, managing, and remembering all your different passwords a daunting task. It seems like every website has different password rules and many require additional security measures such as security questions. Wouldn’t it be great if there was a single solution to take care of all your password problems? There is. It’s called a password manager.
But how do you choose a password manager that’s right for you?
https://www.sans.org/newsletters/ouch/power-password-managers/
Are You Frustrated with Passwords?
Like most people, you likely find creating, managing, and remembering all your different passwords a daunting task. It seems like every website has different password rules and many require additional security measures such as security questions. Wouldn’t it be great if there was a single solution to take care of all your password problems? There is. It’s called a password manager.
Password Managers Simplify and Secure Your Digital Life
Password managers are a software solution that stores your passwords in a protected database, sometimes called a vault. The password manager encrypts the vault’s contents and protects it with a primary password that only you know. When you need one of your passwords, you simply type your primary password into your password manager to unlock the vault. The password manager often integrates into your web browser and automatically retrieves the correct password and securely logs you into the website. This allows you to easily maintain a unique password for each of your accounts, which is critical to keeping your digital life secure.
In addition, most password managers include the ability to synchronize across multiple devices. When you update a password on one device, those changes are synchronized to all your other devices. Finally, most password managers detect when you’re attempting to create a new online account and can create and store a new, unique password for you.
The only password you have to remember is the primary password you use to access your password manager. It’s critical that you make this password long and unique. In fact, we recommend you make it a passphrase–a long password made up of multiple words or phrases. If your password manager supports multi-factor authentication, use that as well. Finally, it’s vitally important that you remember your primary password to avoid getting locked out of your password manager.
Choosing a Password Manager
There are many password managers to choose from. In the Resources section below, you will find a link to reviews of password managers. Meanwhile, when trying to find the one that’s best for you, keep the following in mind:
- Your password manager should be simple to use. If you find the solution too complex to understand, find one that better fits your needs.
- A good password manager should be compatible with and synchronize across all your devices.
- Use only well-known and trusted password managers. Be wary of products that have not been around for a long time or have little or no community feedback.
- Make sure the vendor actively updates the password manager and be sure you are always using the most recent version.
- The password manager should give you the option to securely store other sensitive data, such as the answers to your secret security questions, credit card information, and frequent flier numbers.
- Be suspicious of password managers that let you recover your primary password or allow their tech support organizations to change it for you.
You may want to write down your primary password, store it in a sealed envelope, and secure the envelope in a protected location in case you forget.
Password Managers Not for You?
We understand some people may find password managers overwhelming and too complicated to use. Yet to be secure, a unique password is still needed for each account. How can someone safely remember all those unique passwords? One option is to write those passwords down. This is not an option for work-related passwords. But this may be an alternative to use at home for personal accounts if password managers are simply not an option. The key step is securing that notebook. If you or a loved one does use a notebook to write passwords down, be sure that notebook is stored in a safe place that only you or trusted family members have access to.
Resources
Password Manager Review: https://www.pcmag.com/picks/the-best-password-managers
Multi-factor Authentication: https://www.sans.org/newsletters/ouch/one-simple-step-to-securing- your-accounts/
Below is the link to the latest release:
https://www.sans.org/newsletters/ouch/power-password-managers/
Lofgren IT Consulting is continuing to be open for business. Shane Lofgren can be available for remote support and on-site as needed.
On-site visits: Face masks are available and encouraged. Hands are sanitized between clients
Need to offer remote access for employees or online client counseling? Let’s make the transition smooth, easy and secure.
Offering support on existing network and computers, security reviews, website design and maintenance.
More articles below:
I’m Hacked, Now What?
Security Awareness Newsletter - I'm Hacked, Now What? [...]
Scareware: A Story
Scareware: A Story SANS Institute puts [...]
Identity Theft – Protecting Yourself
Identity Theft - Protecting Yourself SANS Institute [...]