Password Management Techniques

Weak passwords are one of the most significant vulnerabilities for businesses of all sizes. While you can pour money into the latest cybersecurity tools, if your employees are using weak passwords, there is always going to be an open back door into your system.

In theory, we are all well aware that our passwords need to be stronger. But despite this, passwords like ‘password123’ or ‘123456’ are disturbingly common. There are plenty of things we can do to make our password protection more secure, like avoiding using family or pet names, not reusing passwords, and not saving your passwords on your browser. But these solutions don’t always cut it, and staff tends to do without good password hygiene more often than not.

Part of the reason for this is that we are all human, and remembering a variety of different, complex passwords is hard. It is also, if we are honest, annoying to have to change your password every couple of weeks, just when you had gotten to grips with all those symbols and capital letters.

Luckily, there are a few easy and simple techniques to help you manage your passwords which allow you to keep your system secure without having to worry about multiple hard-to-remember passwords and getting locked out of your account!

Find out how secure your
passwords are

There are several great resources for discovering how secure your current passwords really are. Just be prepared for a shock! Our favourites are haveibeenpwnd and howsecureismypassword.

Use a password manager

This is the best, most secure, and most convenient method of managing many different passwords over multiple sites. A password manager stores all the login information you use for all the websites you visit and encrypts this password database with one master password, the only one you have to remember. Good password managers like LastPass, and 1Password will generate strong, secure passwords for your various logins and change them on a regular basis.

A lot of users on Apple use Keychain on their devices. Keychain has the benefit of coming directly from Apple and is deeply integrated into macOS and iOS. Protected by 256-bit AES encryption to store and transmit passwords and credit card information, it also uses elliptic curve asymmetric cryptography and key wrapping – a method of security that ensures all data synced between devices is kept safe.

When it comes to security, iCloud Keychain is a robust service, but password managers such as 1Password or LastPass, on the other hand, provide a much wider reach.

Use two-factor authentication

Two-factor authentication requires two different methods to confirm your identity before you can access an app or website. So even if you enter your password correctly, you will still need to input a code sent to your phone or email to be able to log in successfully. This means that even if your password is hacked, you can still be secure (as long as you haven’t lost your phone as well!)

Password protect all your devices

While work computers and business accounts all require passwords, if all your devices are not secure, then you might have a weak link. People often save passwords on their phones, and apps sometimes don’t require security to log in after the first time, so ensure that every device you have is password protected.

Use AI

Many companies have moved towards using AI to increase their password security. Things like biometrics -- facial recognition or fingerprint access -- can be a great way to beef up security and avoid the complications of weak passwords all together.

Strong password security is essential to ensuring your organization is properly protected. Take a look at our suggestions above, and make sure everyone in your company is doing their bit to keep you safe and secure from cyberattacks.