Everyone knows the importance of passwords. From ancient days, secret passwords have been used to authorize entry for those who know them. Those who could not accurately state the password were restricted access and may even have been considered enemies. That’s the idea behind the use of passwords in the field of computing. The problem is that many passwords are too easy to guess, especially with the help of other computers that can calculate millions of possibilities per second. To combat password hacking, experts advise using different passwords for each service, and storing all these passwords in something known as a password vault.
Why You Should Never Use Just One Password
Many people are aware of the importance of using strong passwords for their applications. But since it can be hard to remember so many complex passwords, many users resort to using the same difficult password for all their internet logins. That may seem like a good idea. After all, the reasoning goes, the password is so difficult that no one will guess it in a million years. But that idea is flawed. In the case of data theft, cyber criminals wouldn’t need to guess your password at all. In August 2013, every single Yahoo! password was stolen. That amounted to some 3 billion users. For those who used that password for all applications, all the hacker would need to do is to plug it in — and every other internet login the user has is compromised. Ugh!
What Is a Password Vault?
The alternative to using the same password for every access is either to write all your passwords down or to store them in a password manager. Of course, writing them down is not very secure either. Anyone who finds your list will have immediate access to everything. Password managers, also known as password vaults, are used to store all your passwords electronically in one place. This way, users only need to remember a single (super strong) password to access all of their logins. Password Vaults (like LastPass the one I and H&D uses) store all the passwords in encrypted form-this means that if LastPass were to get hacked, none of the passwords could be read by the hacker. Since your LastPass login has a super strong, unique password with Multi Factor Authentication (MFA), getting access to your account is very, very difficult. LastPass cannot see your passwords either-ever. It has free accounts that can then be upgraded to premium for businesses. This allows you to have one central repository for your business, that you can choose to share passwords with granularly. You can categorize passwords and only share passwords with specific people: ie accounting, human resources, etc. LastPass rocks-we love it at HDTech!
While it may seem like the wrong choice to put all your eggs in one basket, the consensus among experts is that password managers are the best way to secure your passwords from hackers. Dr. Mike Pound carefully explains the technology behind password vaults in one of Computerphile’s excellent videos.
Browser Vaults Aren’t Enough or Upgradeable
Web browser password managers have been around for a long time. Many users have gotten used to the way their web browser will automatically remember their passwords for them, and the only thing required is to log into the web browser. But what happens if you use a different browser? Your passwords won’t follow you, and you won’t be able to access them until you log back into the original browser. Not only that, browser vaults are generally not as powerful as third-party password managers (a password vault), and they won’t provide the same level of security-nor can they be upgraded for a business account that would allow the sharing of passwords for employees.
Of course, no security measure is 100% guaranteed. The best practice is to do your homework and select the most effective and reasonable solution for yourself or your company. What we can say without equivocation is that neglecting proper password management can open the door to a security breach that may put you out of business in short order. Better to take a few steps now than to be sorry later. Password vaults are an important part of a larger internet security strategy. If you haven’t set yours up yet, do it today. Your future may depend on it.