Password managers can be extremely effective, but should you use them to keep track of your passwords for everything? Probably not. While these systems have proven to be safe, using them to store sensitive information like bank account logins, personal identification information or company records is not recommended.
Here is a quick guide to all things password protected or managed:
- Double, or triple up on passwords. Although using the same password for all accounts may be easiest to remember, it also makes your accounts much more susceptible to security breaches.
- We recommend changing your passwords about every three months. Changing them frequently also ensures that you are in accordance with compliances such as HIPAA.
- Unless employees require access to all account passwords, we recommend internally limiting who has access to the master passwords. Only provide passwords to employees who genuinely require access for the duties of their position.
- We see a lot of our clients using password management programs like LastPass or OneLogin to keep track of their various passwords and accounts. Most programs are cloud-based, password managers that keep track of all passwords as well as help randomly generate login information. When using a secure provider, these systems can be certified and proven to be protected. If interested, ICC can provide you a list of password management systems that we trust.
- Hackers can mimic a fingerprinted password protected system much easier than a system locked with a paraphrase that’s tucked in the back corner of your mind. For personal devices like phones or tablets that typically store less vital company or client content, fingerprint logins are more widely accepted.
Keeping certain account passwords logged in certified, password management systems won’t necessarily harm your business. Be sure that you and your employees are aware of your internal security system for how your business protects the keys to your content.
Contact us today for recommendations on where and how to store your passwords.