Back to blog
Cyber Security

Password Managers: What They Are and Why They Matter for Business

4 May 2021Kieran Turnbull2 min read

A password manager is becoming essential for businesses of any size. Business password management involves securely storing and tracking all credentials that employees use, including passwords for computers, email accounts, HR systems, accounting software, and banking platforms. As staff accumulate multiple credentials, managing them becomes increasingly challenging.

When employees share passwords, such as for social media accounts, risks escalate significantly. This often leads to passwords being stored in spreadsheets accessible to many people, creating serious security vulnerabilities.

Why is business password management important?

Relying on memory for numerous passwords encourages employees to create simple, memorable passwords or reuse existing ones. With organisations increasingly adopting cloud-based services, employee credentials become an attractive target for attackers.

Poor passwords. Attackers use automated tools or targeted guessing. A typical example is using a child's name (often available on social media) as a password.

Reused passwords. Even strong passwords become problematic when reused. A phished employee means all accounts using that password become compromised. Regular security training is recommended.

Password leaks. Passwords stolen from data breaches compromise accounts even when employees made no mistakes. Combined with password reuse, this represents a common attack vector.

Proper password management is critical for protecting business data and operations.

What is a password manager?

A password manager is an application that securely stores usernames and passwords for convenient access. Basic versions save passwords in browsers, but without syncing, device loss means credential loss.

Cloud-based password managers offer superior security by storing credentials remotely and providing access anywhere needed.

Popular examples include Keeper Security, LastPass, 1Password, and Bitwarden.

Key features to consider

  • Mobile device support for on-the-go access
  • Autofill functionality for faster logins
  • Dark web monitoring to alert users of compromised credentials
  • Single sign-on support for reduced password burden
  • Automatic password generation for strong credentials
  • Audit logging for tracking shared password usage

Is there risk in using a password manager?

The concern about "putting all eggs in one basket" is valid but manageable. When properly secured, password managers outperform alternative methods. Protective measures include:

  1. Using strong, unique master passwords
  2. Enabling multi-factor authentication for additional security
  3. Implementing single sign-on where possible

Summary

Password managers significantly enhance business security. If your organisation hasn't adopted one, it warrants serious consideration for improving your security posture.