If you ask a security professional, you get by-the book advice about sharing passwords: “Don’t share passwords.” But we know, in reality, that doesn’t work. Your office might be sharing a single password for apps like SurveyMonkey right now to save cash on buying additional users, and some social media accounts don’t even give you the option to have multiple log-ins.
Sharing passwords in your office is sometimes necessary for collaboration, and the best way to do this is by using a password manager. Affordable, layered with security and simple to use, password managers are the safest and easiest way to store and share your firm’s private passwords.
So What Are Some Reasons You Would Need To Share Your Passwords?
Shared accounts are the biggest reason firms and businesses share passwords. Whether their employees work from a physical office or at home. It improves collaboration and makes employees’ jobs a lot easier.
Sick leave, employee turnover, holidays and “Bob isn’t coming in because he ate bad fish last night but has our Amazon log-in” are other reasons passwords get handed around like a plate of ham at Christmas lunch.
However, unsafe sharing habits will put your private passwords in the hands of greedy hackers, who can fetch a high price for your data in dark web markets. IBM Security reported that in 2022, 19% of all breaches were caused by stolen or compromised usernames and passwords.
With a data breach having the potential to cost you hundreds of thousands to millions of dollars, it makes more sense to take preventive measures to avoid that kind of a loss in the first place. That starts with creating strong passwords and sharing passwords safely.
So, how do you share passwords safely?
First, Avoid These Common Password-Sharing Mistakes
When it comes to password sharing, remember:
- Don’t send passwords via e-mail: E-mail is the #1 target of hackers, and many e-mail services aren’t encrypted. Those that are encrypted are still risky because e-mails are stored in several servers on their way to or from your account. That means your e-mail is sitting in a Sent folder, ripe for the taking by anyone who gets into your e-mail account, encrypted or not.
- Never text or chat passwords: Like e-mails, SMS messages or messaging apps like Slack aren’t secure. Once a text is sent, it is available for anyone to see.
- Stay far away from storing passwords using pen and paper and shared documents: Sticky notes, memo pads, Google Docs – NEVER write down your passwords.
- Avoid the temptation to store passwords on your device, such as your web browser: If your device gets hacked, nothing stops them from taking every password you saved into your web browser or any other piece of software. This is a common cause of the most recent high profile data breaches.
The Best Way To SAFELY Share And Store Your Passwords
We recommend using reliable password managers because they have multiple layers of encryption so only those with your master password can see it, AND they include more robust security and sharing features.
Password managers offer time saving benefits with things such as copy and paste, and more advanced ones offer a fill option where with a mouse click or keyboard shortcut it enters your username and password for you.
To use password managers, you only need to remember one password – the master password. Some also offer the option to access your password manager using a biometric login, such as your fingerprint, which again saves you time.
One potential downside is that whomever you share a password with needs an account for the same service, unless it offers a function called secure one-time share.
A Word To The Wise: Look out for password managers with a bad security track record, like LastPass, which was breached in 2022, 2021, 2016 and 2015.
Smart Firms And Businesses Use Password Managers
It’s a good idea to avoid sharing passwords as much as possible, but when you have to, use a reliable password manager to ensure you have control over exactly who sees your usernames and passwords.
Naturally, and it goes without saying, talk to your employees about safe password hygiene, host regular security-awareness training for employees and use multi-factor authentication with every account. It’s not just safe business – it’s smart business.
If you’re not sure which password manager to use, give us a call and we’ll get you set up with one.
My Info Tech Partner is a trusted IT Services and IT Support provider in Perth that specialises in helping the equity principals, partners, directors, and practice managers of legal, accounting and financial services firms from making big expensive mistakes with technology and ultimately, protect their livelihood.
Naturally, we are the only one that offers you enhanced peace of mind with our “Never Pay The Ransom” $10,000 Money Back Guarantee.