Switzerland is currently overrun with cyberattacks. Identity and data theft are an everyday threat, and it is usually poor passwords that open the door to the most sensitive data for criminals. Whether via persistent trial and error (brute force method), poorly secured servers (lack of patch management) or ransomware attacks using extortion software. Weak passwords are easy to crack and cause enormous damage – and not just to one, but usually to several accounts at the same time. Because a single secure password is not enough. But hand on heart – who (if anyone) can remember more than a random combination of 8-15 upper- and lower-case letters, numbers and special characters?
Probably no one. That’s why companies now absolutely need modern, but user-friendly password management. We explain what you should look for when selecting and using a password manager.
Passwort1234? – A password manager provides relief in the password chaos
Ransomware is currently hitting SMEs in particular. 80% of malware reports come from small and medium-sized enterprises. Ransomware is extortion software that can lock computers and then demand a ransom for release. Only with good passwords can you keep ransomware and other malware away from your computers. But this is exactly where most people fail: a multitude of different, complex passwords for numerous logins, which are renewed as regularly as possible and do not follow any logical scheme – it is easy to lose track!
The solution for more password security: a password manager. With such a tool, identity and data theft can be prevented. In addition, a password manager helps to comply with security standards.
- No more forgotten passwords
Nobody likes to remember passwords. But writing them down (whether on paper or on the computer) is even less desirable. With a password manager, you can store, retrieve and manage all your passwords – all in one place.
- Strong passwords stop hackers
A password manager creates random, strong passwords with the click of a mouse. You can also let the tool check the strength of a password you create yourself. This helps reduce the risk of data theft.
How to use a password manager correctly
However, an improvement in protection can only be achieved if the program is used consistently by everyone. Your password security stands and falls with the suitability of the tool for everyday use, how easily and conveniently the password manager can be integrated into daily work processes – if it is too unwieldy or complicated, your employees will sooner or later revert to “Password1234?”. You should pay attention to the following five points when selecting and implementing the right tool:
- Synchronization between all devices
Make sure that the password manager not only works by default in all popular desktop browsers, but also on the mobile devices your employees use.
For quick and secure access, password manager can auto-fill credentials (username and password). Thus, the tool not only improves security, but also the productivity of your employees.
- Proper security architecture
When choosing a password manager, make sure your passwords are captured and protected on-premises, in the cloud, and in a hybrid environment.
- Role-based access control
Many organizations rely on the ability to share passwords across the enterprise and manage them with permissions. To do this, it must be configurable to allow employees with different permissions to access and manage different credentials at vendors, suppliers and e-business portals. This is generally not possible with simple password managers, most of which are free of charge.
· Maximum protection of the password vault
All precautions and security measures for password security are of no use if the password manager itself, i.e., the vault for any passwords, is protected with “Password1234? We recommend user-friendly single sign-on and intelligent identity protection (MIDP) for the most important of all logins.
Double password security with 2-factor authentication
For even higher password security, we recommend an additional 2-factor authentication, often also referred to as multi-factor authentication (2FA or MFA). This requires the matching of a randomly generated numerical code via another registered device (Authenticator app or other options) after the password has been entered. This provides double or even multiple assurance that it is an authorized login attempt – and not a hacker attack.
With the combination of password manager and 2-factor authentication, you gain more security and higher data protection for your SME. We will be happy to assist you in choosing a password manager that is right for your business. Contact us for our Managed Identity Protection Services.