What You Need To Know About Password Managers (2022)

June 20, 2022

Password managers are a lot like personal laundry routines. In theory, wearing the same thing every day sounds like a great, time-saving life hack, but shortcuts in this department have some serious (and often stinky) consequences.

So, before your team starts using a password containing your pet’s name, some sort of birth year for the numbers, and an exclamation point for the required special character, let’s review some of the things your team should know about password managers.

In this article we’ll be covering:

How do Password Managers work?

First, let’s talk about what a password manager is and how it works. Password managers use the cloud to create a digital safe that you can access and update from any device. Once set up the password manager can create and store unique passwords for each site you log into.

Why should your team be using a Password Manager?

And why would you want unique passwords for each site? In 2022 your risk of having your information breached is high, both due to the frequency of attacks and the sheer number of sites that require username and password—and sometimes store information such as credit card numbers. Websites and services are under fire every day. Some days the bad guys win, and the best defense is to make sure that the compromised password is only good for that site, not the key to your entire internet footprint.

Compare the number of logins you have now to 10 years ago. Now imagine trying to come up with a truly unique, random password that uses uppercase, lowercase, number, and special characters. This is something that humans are not so great at, but where computers excel. When you have a password manager create your passwords and auto-fill your passwords, it’s like having a personal assistant. You don’t need to remember the password or come up with it yourself. You don’t even need to create and search for separate bookmarks to find the URL/website you want to visit.  Instead, once your login information is saved, the password manager can auto-open and auto-fill any site.

Preview of LastPass – a leader in password managers. Not only does the password manager save the site URL, Username, and Password, but you’ll often have an area to leave notes or configure advanced settings.

How can Password Managers save your team time?

We all have gotten the dreaded “It’s time to change your password” notice. Those websites that make you change your password every 3, 6, or 12 months can be time-consuming to keep up with. With a password manager is just two clicks and you have created and stored a new password. What a difference!

73% of people forget and reset a password at least 1-2 times per month! With a password manager, your team can skip the hassle of chasing down those password reset emails.

What makes a password a “strong” password?

Remember that uppercase, lowercase, number, and special character requirement? Some savvy websites will require their use or rate the strength of your password. Why do they do that? Because the more types of characters you have in a password, the harder it is to crack. Computers are excellent at what is called a brute force attack. The computer simply tries every combination possible. A password with 8 lowercase characters can be found in 10 seconds, and an 8-character password containing at least one lowercase letter, an uppercase letter, number, and character would take 24 hours. Change that password to a complex 12-character password and you lengthen the protection to years. [1]

How much do Password Managers cost?

So now that you are convinced a password manager will make you safer in the wilds of the internet and save you time, you might be thinking about the cost. Many password managers offer both a free and a paid version. Free versions work best for light personal use where no sharing is needed. Many free versions will also limit the number of accounts stored or the devices you use to access the information. Premium or paid versions are best for teams or even families that want to work together, access their passwords from anywhere, and store information centrally.

Our preferred password manager, LastPass, offers both a Free and Paid version (LastPass Pricing). If you are debating between the Free and Paid version of LastPass – we find that the free version works well for individuals if you only need your passwords on one device, and the paid version offers a lot of added value for companies and is well worth the cost.

What types of devices can Password Managers be used on?

To use a password manager, you will need an extension in your internet browser for your laptop or tablet or an app on your phone. To protect your passwords, you will use a master password and a second authorization such as an authenticator app (learn about our friends over at Duo).

Adding multi factor authentication to your security strategy doesn’t have to be disruptive to your team. However, not adding MFA can put your business at unnecessary risk. Learn more about MFA.

Saving passwords in Internet Browsers vs. using a Password Manager

Many popular internet browsers will store passwords for you. It’s already part of your browser and it asks you if you want to store the password. You won’t have to remember it so sure, why not? But is that password secure? Is it stored encrypted? Is it protected with a unique password and second authenticator method? Or is it accessible to anyone who has access to your computer or could get access to your profile through cracking just one of your passwords?

Did you know Google Chrome saved passwords in “plaintext” until they finally started encrypting them locally on the machine in 2019… YIKES!

Unfortunately, with most browser-stored passwords—even with those that use encryption—it does come down to that easy access. 

Vulnerabilities of Browser-Based Password Managers [2]
  • Weak Password Generators
  • Browser-Only Usage
  • Easily Accessible Once Device is Unlocked

Our recommendation is to never store any passwords in your browser. Some browsers do have one or two security features, but none match all the security protocols of a dedicated password manager.

A painless login experience with the LastPass Authenticator app.

What things should you look for in a Password Manager?

When evaluating password managers there are two main criteria. First, are the passwords stored with encryption. Second, is the access protected by both a password and a second authentication method. As mentioned earlier, computers are very good at hacking passwords but when a second method such as an authenticator app is used, your account and your passwords become even more resilient. Two-factor or multi-factor authentication—MFA—expands the protection of your password manager to cover social engineering, keystroke logging, and stolen credentials. 

How to help your team adopt the use of a Password Manager?

Sounds great but not looking forward to convincing the team to change their habits? As humans, we have evolved to favor doing things the way they have always been done. Our brains love shortcuts and learning takes energy. Computer hackers have taken advantage of that tendency. But getting your team to use a password manager is not a Mount Everest task, it’s more like a gentle rolling hill. 

First, your MSP can auto-install the software for each user. If you were using a browser or other password manager to store passwords, you can even have all your existing passwords transferred. If you are new to using a password manager tool then it’s just a quick setup for each website or service you visit.

After those initial visits, you are set for secure productivity.

Conclusion

Password managers create the seamless internet experience we all crave while keeping your information safe. Once you use a password manager, you see how much time you save, how much more secure your passwords are, and how easy it is to change and share this information. You won’t turn back.

Helpful best practices when utilizing Password Managers:
  • Don’t reuse passwords
  • Create complex passwords
  • Enable 2FA/MFA

When you get those three tasks checked off the list, rest easy knowing you just leveled up your data protection.

ITPartners+ recommends the LastPass password manager with Duo as a second authentication method. Both are the best in their class, have transparent pricing, and are easy to use. Pair those advantages with our expertise and it makes the decision easy.

LastPass is a secure password manager that stores encrypted passwords online.

  • Best Software Awards for Best Security Product – G2
  • Chrome Web Store and App Store rating – Based on 75,000 reviews
  • Best Feature Set in Identity Management – TrustRadius
  • Best for Ease of Use Password Manager – Money.com
  • Most Innovative in Multi-Factor Authentication – Cyber Defense Magazine
  • Password Management Solution of the Year – CyberSecurity Breakthrough
  • Best-Of Business Password Management – Expert Insights
Sources

[1] What is a brute force attack and how long to crack my password. Retrieved from https://www.keepsolid.com/passwarden/help/use-cases/how-long-to-crack-a-password

[2] Is Chrome Password Manager Secure in 2022? All Things Secured. Retrieved from https://www.allthingssecured.com/tips/password-security/is-chrome-password-manager-secure/

Password Managers

Your IT, Your Way.

Ready for a sidekick? From continuity products to consulting, security, and everything in-between, we will customize a solution that unlocks your full potential. 

20-Second Form

Send the pricing to: