Are Password Managers Safe for Your Business?
As if it weren’t bad enough to keep up with passwords when we were limited to PCs, professionals today now must handle multiple passwords on multiple devices. Remembering passwords and entering them on tiny smartphone and tablet keyboards is a constant challenge for consumers today, who are tasked with finding a way to keep up with it all.
Within enterprises, help desks are consistently fielding calls from locked out employees who have forgotten their passwords or let them expire. This is added to the countless man hours spent contacting cloud providers and websites to gain access to misplaced passwords. Thankfully, there are password managers now available to put all of those passwords in the cloud, where sites can automatically access them. But does this put your organization’s data at risk?
How Do They Work?
With a password manager, all of a user’s passwords are stored on an encrypted cloud-based server. When a user enters one assigned password, from that point forward he is automatically logged into each of the sites that have passwords associated with that login.
In an enterprise environment, businesses have the option to choose to centralize password management, with assigned administrators controlling the one password each user has chosen. If a user gets locked out, he needs only contact his local help desk to have it reset.
Security Concerns
If employees are keeping up with passwords on sheets of paper they leave lying around, password managers are a much better alternative. This is also true in enterprises where employees store passwords in a document on their devices.
However, there have been concerns about the encryption offered by these services. It’s important that businesses understand these risks and find a cloud provider that offers the best security available today. Passwords should be fully encrypted and inaccessible to intruders, as well as ensuring master passwords are both complex and kept secure. Because one password unlocks everything, a careless employee leaving a password tucked inside his laptop bag can be devastating.