It may be difficult to remember this, but in the early days of the internet keeping track of passwords was pretty straightforward. For one thing, you didn't need that many. Plus, you could get away with simply using memorable factoids about yourself to craft your credentials: hobbies, important dates and so on. But as the internet has become more ubiquitous (and more complex), short, easy-to-remember passwords simply aren't an option if you want to stay safe.
Secure passwords are complicated and difficult to memorize. One way to solve this problem is to commit your login info to a notebook or some other analog record that you keep hidden away from prying eyes. Of course, that presumes that you don't mind carrying around easy-to-lose paper records all the time. For everyone else there are password managers. Password managers are encrypted repositories of login information you use to maintain and manage passwords across accounts and services. A lot of internet browsers, including Mozilla Firefox and Google Chrome, have built in password managers, which also auto-fill credentials for different accounts.
There is one shortcoming to these browser-based password managers: they don't necessarily allow you to use your credentials across different devices. For that, you'll need a third-party password manager. This goes double for small businesses who often need to manage not only multiple accounts and end points but also multiple users with different levels of security access.
Password Security for Businesses
There are numerous products for managing passwords in a commercial setting. A good business password manager will allow individual employees to manage their own passwords as well as generate secure credentials. For company-wide accounts, many programs will also allow administrators to grant access to certain staff members as needed. Some even allow administrators to track the quality of employees' passwords to ensure that workers aren't doing things that might leave the company vulnerable, like doubling up on passwords for different accounts or using passwords that are easy to guess.
In addition to securing an organization's passwords on a centralized manager, every org should consider using multi-factor authentication (MFA). This adds an extra layer of security to company accounts. If you are going to use MFA, we also recommend using an authentication app, rather than older forms of MFA, which rely on email or text messaging. These older forms of MFA aren't nearly as secure.
Some other policies that will enhance your password security are mandatory password resets every so often, regular password auditing and, finally, thorough training procedures so that employees understand the importance of protecting their credentials. It's also a good idea to have an IT point person or ticketing system in place so that employees who need help can get assistance quickly.
Password security is but one aspect of a well-developed security apparatus. A secure organization will also need help in establishing policies, emergency procedures and hardware infrastructure if it's to survive in today's fraught IT world. Give Titan Tech a call today to learn how they can help keep your business interests and assets secure.
And join us next week for more tech news.