Trust and IT
Jul 14, 2023
You only need to remember one password

Passwords play a crucial role in our digital lives, granting access to various online accounts. Despite their importance, passwords can be a hassle, leading to re-use and security vulnerabilities. But until AI changes everything in ways we can’t yet predict, we still need to use passwords to access all our various accounts.

We’ve all fallen victim to password fatigue, using the same password across multiple accounts. When you signed up for that obscure account to get free ice cream from a now-defunct site, did you use the same password you always use? Its security may have been compromised; if so, your login and password are out there on the dark web, waiting to be tried on Amazon, bank sites and other places you have been. Site hacks like that happen with ever-increasing frequency. You can do a quick check by putting your email into haveibeenpwned.com; it will show you if that email is present in any of the known data breaches.

Your password should really just be long. If your password is 8 characters with just letters with some upper case included, it takes a trivial amount of time for a modern hacker on a fast computer to crack it. However, increase the length to 18 characters, and it would take a trillion years.
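The arithmetic behind that comparison, as an added example that is not from the original post: it computes the worst-case brute-force time for a letters-only password of a given length and generates a random one with Python's `secrets` module. The guess rate of 10 billion per second is an assumed figure, the function names are illustrative, and the estimate only holds for randomly generated passwords, not ones a person made up.

```python
import math
import secrets
import string

# Assumption (not from the post): an offline attacker testing 10 billion
# guesses per second against a fast, unsalted hash.
ASSUMED_GUESSES_PER_SECOND = 1e10
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Bits of entropy in `length` symbols chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(length: int, alphabet_size: int,
                     guesses_per_second: float = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Worst-case years to try every password of this length and alphabet."""
    return alphabet_size ** length / guesses_per_second / SECONDS_PER_YEAR


def generate_password(length: int, alphabet: str = string.ascii_letters) -> str:
    """Random password drawn from the OS CSPRNG, one symbol at a time."""
    if length < 1 or len(set(alphabet)) < 2:
        raise ValueError("need length >= 1 and at least two distinct symbols")
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    letters = len(string.ascii_letters)  # 52: upper and lower case letters
    for n in (8, 18):
        print(f"{n:2d} letters: {entropy_bits(n, letters):5.1f} bits, "
              f"{years_to_exhaust(n, letters):.2e} years worst case")
    print("sample:", generate_password(18))
```

Each extra random letter multiplies the search space by 52, which is why ten more characters move the estimate from hours to trillions of years.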

So how can you remember only one password and still be safe? That one password is to your password manager system. Password managers handle all the challenges with passwords, like re-use and complexity, automatically. There are several to choose from out there. LastPass was recently hacked, so they are not a great choice. 1Password and Bitwarden are still looking good, and Proton Pass is new and promising. If you have several people in your business who work with too many passwords, most of these have a good group plan, but only Bitwarden offers a way for you to “self host” for no recurring costs per user.

Password managers offer several key advantages:

  1. They will allow you to use unique, strong passwords for each account you have because you just need to unlock it with that one password you remember. If one account is compromised, the breach won’t spread to others.
  2. When creating new accounts or changing an older password, they will create and store new, very secure passwords, eliminating the need to remember them.
  3. Plugins for browsers and mobile mean that you get logged into your accounts even quicker. Most will recognize a site they know about and enter your credentials automatically.
  4. You will be able to create a structured way of securely sharing passwords within your organization for those that need them.

Using the browser’s password management is the first stop for many in this journey, but that’s not recommended because it lacks the same level of encryption as a dedicated password manager. Optimal security will use something called zero-knowledge encryption. This ensures that your passwords remain entirely private, with no possibility of external parties accessing them.

Using a password manager is a great step towards making your online activities safer. It’s important to pick a system that meets your specific needs and provides the best security for your situation. You might also find that it can make some of your more tedious login workflows a little easier, once you get used to it. You might even be able to take most of those Post-It notes off your monitor.

If your business needs help with a Password and Security policy, I’d be happy to help out.
