Password Managers Demystified: 4 FAQs
- Post by Janet Gehring
- December 5, 2021
A password manager is a useful tool for securing the numerous credentials we use every day. Here’s what to know about password managers and how they can help protect your business.
It’s specialized software that helps you generate, store and retrieve unique passwords for both local applications and online accounts in an encrypted database, or vault. The only password you need to remember is the one that unlocks the vault.
It all starts with strong encryption. AES 256-bit encryption is the industry standard for the most secure password managers. This encryption is also used by the military because of its exceptional strength.
Zero-knowledge architecture means your passwords are encrypted before they leave your device. This prevents an attacker from deciphering them from a location other than your actual computer.
Most managers will ask you to use a master password for accessing your vault. For an additional security layer, you should use two-factor authentication (2FA) or biometric authentication, like a fingerprint or face scan, if it’s available to you.
Some password managers will remind you to change the passwords regularly and evaluate their strength. Others will scan the dark web to check if any of your logins appeared online. Some will do both, and then some.
First, decide which features you need. Those built-in to browsers (for example, the pop-up you get from Chrome asking if you want to save the password when you log into a website) are safer than they were even a few years ago. Still, they have limited capabilities.
For business purposes, a paid password manager is going to be more robust, convenient and secure than a free app. Look for these features:
Remember, no technology product or service can guarantee 100% safety. Quality password managers are exceptionally secure, but not foolproof. These common risks are based on both the technology and personal behavior:
Even though it’s possible for password managers to be hacked, the scenario is highly unlikely. While there have been a handful of reported security vulnerabilities since 2015, none resulted in the exposure of usernames and passwords. Password managers are more likely to be compromised due to user carelessness.
Implementing a password manager across your organization makes sense for your overall cybersecurity protection. Using one makes it quicker and safer to sign into websites you know. It also reduces the chance you’ll sign into a look-alike site, since the password manager won’t suggest a password for a site it has never seen before.
If you’d like to know more about how CRU Solutions can help keep your business safer, contact us.