The Importance of Password Management Tools

InfoGrate strongly recommends using a password manager tool as this is a minimum best practice for cybersecurity.

Leveraging a password manager such as 1Password or Keeper create a host of benefits, including:

1. Ease of use. The app can go on a computer, a phone, and even be a browser plugin which automatically creates and saves secure passwords. No searching for files or sticky notes.

2. Organization. You can use these tools to organize passwords into three buckets:

   1. Personal use: Users can take an export of these if they leave, and it has the benefit of helping to make sure personal passwords are not reused for work logins.

   2. Shared use: very useful for manager sites that require a shared login, like Intralinks.

   3. User specific: Private passwords for work, like O365 logins, etc...

3. Employee offboarding. When an employee leaves the business, the individual’s passwords are in a central location with an Admin account and the Admin can easily change them. For certain logins, Passkeys can be used which let a user login without knowing the password.

4. Supplementary security. Password managers have some basic dark web monitoring, so if a site is breached, a notification within the password manager will be received to change the login.

5. Low-hanging fruit. Password keepers are easy to deploy and manage, and are relatively inexpensive when compared with the cost and risk of a large breach.

Conversely, there are many risks to not having a safe place to store passwords, which include:

1. Physical theft of sticky notes containing login information, since a person cannot physically always at their desk.

2. Wholesale theft of multiple passwords contained in a central file, for example Excel. Even if an Excel file is password protected, it does not have good enough security to prevent a hacker from cracking the file, given enough time.

3. Reuse of passwords for different logins, because if one reused password is stolen, it could be used for logins to multiple services, making a breach exponentially larger.

There are quite a few password keeper options out there, and each come with their plusses and minuses. For example, 1Password is better for smaller teams, while Keeper is easier to administer across larger teams. If you're interested in learning more about the differences among the various password management solutions on the market, feel free to drop us a vendor analysis inquiry at info@infograte.com. Stay safe out there, folks!