In today’s blog post I’m going to switch gears and talk a bit more about something that affects consumers more-so than enterprises. That topic is password management. While this issue is an enterprise problem – it manifests itself horribly in the consumer world. Password management is key, and in this article I plan to offer why utilizing a password manager utility offers a greater security approach than not using one.
A bit of backstory – like most consumers I usually kept a rotation of 3-5 passwords over the years. Each time I needed a password change, I’d change one character and move on. My passwords were moderately complex, but kept to the same overall pattern. This was not a very secure approach, but I hoped it would be enough. We can all agree, hoping to have something not happen is not a great insurance policy.
About 5 years ago a good friend of mine shared a password with me via Dashlane. This was a novel concept – instead of someone emailing or texting me a password, this person used a solution that required me to 1) create a login & 2) authenticate to retrieve the User ID & Password. This was amazing. I then learned this password was 16 characters with letters, numbers and special characters. How could someone remember that password? I then learned the password manager itself created the password & saved it. The password manager kept that password encrypted in the cloud – so no matter where they went, the user ID and password were retrievable. The password manager was protected by multi-factor authentication and also synchronized the credentials across multiple managers.
Once I realized the full benefit of having a password manager, I then did my own personal bake off amongst the top two: Dashlane & LastPass. Both were great, but at the time LastPass had a Windows Phone app – something that was a requirement for me at the time. Over the years I’ve stuck with using LastPass and have become a great fan of the tool. However, I have friends that use others such as Dashlane, 1Password, Roboform and others.
I believe a password manager is a great way to increase one’s own personal security. One major benefit most of the tools offer is a review of all of your user accounts & passwords. This review checks for duplicate passwords, compromised accounts on the dark web, and other weaknesses in your password armor. Some of them, such as LastPass and Dashlane offer to change your passwords for you automatically!
Now, some of you may have concerns about using a password manager. Yes, if someone were to break into your password manager it’s possible to gain access to the list of all of your login accounts, their passwords and even secure notes if you use those. However, I believe the benefits far outweigh the risk:
- Generate highly secure passwords that are available on all your devices
- Protect all of your logins with Multi-Factor Authentication
- Automatically log you into your accounts and fill forms easily
- Securely keep notes such as credit card numbers and WiFi passwords
- Share passwords with others without them knowing what the password is