Does the current password management in your small business look like a bunch of sticky notes plastered on the underside of your computer, keyboard, or inside a drawer near your computer? Maybe you are more organized and your password management is a notebook…that is around here somewhere….
Come on, we’re all guilty of it, especially since we’ve discovered that it is a very bad idea to have every password the exact same thing (favorite pet, anyone?) or date (birthday or anniversary?) My kids used to joke that they knew the year I was born, because it was in every single password at home and at work. Luckily, I changed all of that and adopted a password management tool so I wouldn’t be hacked so easily. The added bonus was being able to change the house’s WiFi password until their chores were done…and they couldn’t break the code(s).
What is a password manager?
Relax, you don’t need to hire someone! A password manager is simply a tool that enables users to utilize strong, unique passwords without the need to write them down. Password managers for small business are different than personal password management tools, because they have more features that are multi-user business-friendly.
Password managers are essentially a password book (or organized sticky notes) that is locked with a master key that only the employee or owner knows. Instead of remembering a thousand different passwords, you and/or your employee only need to remember a single password. The password manager handles the rest by recalling passwords and even auto-filling them in browsers.
What features should a password manager have?
The best password managers for small business should have the following features:
- Easy to use
- Excellent Security (look for a minimum of AES 256-bit encryption)
- Multi-factor authentication
- Access to logs and reports showing who logged in and when
- Multi-device support
- Ability to share password(s) without leaving the encrypted area
- Cloud-based program – so that if you lose that sticky-note, you are still covered
- Ability to lock out users or expire passwords quickly and easily
What are some good password managers for small business?
*Let’s pause for a disclaimer: Trinity Valley SBDC does not endorse any of the following programs, they are here for your use and information only. Forbes Magazine did a lot of the legwork for us, and here is what they recommend: (In no particular order)
Nordpass
Pricing: Starts betweem $1.49 and $2.79 (per user, per month)
Free version? Yes!
Best Feature: MFA (Multifactor Authentication)
Norton Password Manager
Pricing: Free
Free version? Yes!
Best Feature: 256-bit AES Encryption
1Password
Pricing: $7.99 (per user, per month)
Free Version? No
Best Feature: Secret(s) Automation Tool (Secures company secrets)
Dashlane
Pricing: $2.00 (per user, per month)
Free Version? Yes!
Best Feature: 256-bit AES Encryption
Bitwarden
Pricing: $3.00 (per user, per month)
Free Version? Yes!
Best Feature: 256-bit AES Encryption
I’ve decided on a Password Manager, now what?
You’ve done the hard part, now you need to install your password manager on your computer. The company you’ve chosen should walk you through the process, but basically you’ll follow these steps:
- Open a fresh Chrome browser
- Google the company or name of the Password Manager you’ve decided on
- Follow their steps for payment and downloading the program onto your computer.
Yes, it’s really that simple!
How do I train employees to use the Password Manager?
Password managers are just one part of careful cyber security. It’s important to implement best practices for password management and make sure your employees are properly trained. Here’s how:
- Walk your employees through the new program, setting new passwords as you go.
- Expire or delete old passwords (in case they were compromised)
- Educate employees on how to spot phishing emails, avoiding malware and viruses.
- Make sure all devices have the password manager downloaded on them.
Can my Password Manager get hacked?
Although it is extremely rare, a password manager can be hacked. Usually, the hack has occurred because you or an employee shared a password, responded to a phishing email, or downloaded a virus onto your hard drive. Most password managers and anti-virus programs help mitigate and prevent hacking, and viruses, but you should be aware that it can happen. It’s important to change passwords frequently and to lock users out of the system once they no longer work for your small business.
For additional information on cyber security and managing your passwords (or sticky notes) please contact us at the Trinity Valley Small Business Development Center – SBDC – TVCC – Serving Henderson, Anderson, Van Zandt, Rains, and Kaufman Counties.