Reduce the Risk of a Cyberattack – Invest in a Password Manager
By: Dave Kelly, CTO, SensCy
October 21, 2022
The world has become digitized. Everything we do from our personal banking to our job productivity now demands us to create login information to efficiently complete tasks. Managing login information and complex passwords has become an unwanted but necessary burden.
The default response for most of us has been to create one complex password that we use everywhere we log in. Unfortunately, this natural response opens us up to significant risk of a successful cyberattack against our personal accounts. Think of what could happen if someone obtained access to your banking, investments, retail or social media accounts—worse yet, it introduces substantial business risk to the companies we work for, manage, or own. Why? Imagine the following scenario:
Your daughter wanted a popular snowboarding jacket last Christmas. You found a coupon that required you to set up an account on the retailer’s website. You set up the account, used the complex password that you have memorized and used on every site, and ordered the jacket. One year later, after you have already forgotten about this “one-time purchase” account, the retailer is hit with a cyberattack. The hackers get your full name, address, phone number, and… that password that you use everywhere.
What do the hackers do next? They search LinkedIn and find out you’re a small business owner. They go to your company’s website to find out your company email domain. Then, they try all combinations of your name along with @yourcompany.com plus… that password you use everywhere. They log in as you. Once they log in, they have access to all company systems and can steal customer data, employee data, proprietary data or deploy malicious viruses like ransomware.
The above cybersecurity incident is not hypothetical. It happened in July. You can read about it here.
We cannot be expected to create dozens, if not hundreds, of unique, complex passwords and remember where each one is to be used at work and at home. Fortunately, we don’t have to. All we must do is get a password manager.
A password manager is a mobile/desktop app that generates and stores unique passwords for you. Think of it as a password vault as it uses military grade encryption to keep all your login credentials secure.
Why Invest in a Password Manager?
- They generate and store a unique complex password for each account you access, so you don’t have to remember them
- They save you time as they autofill credentials for faster access to online accounts
- They are a second layer of defense against a phishing attack (credential autofill will not work on a site that is not legitimate)
- If a cyber criminal gets credentials for one of your accounts, they will not be able to access any other account
- They help you follow good cyber hygiene practices
If you are a business owner, investing in a password manager for employees can not only help protect your business from a cyberattack, but it can also be an employee benefit. Most business password managers include family plans at no additional cost, allowing your employees to protect their loved ones along with your business.
“The best part about a password manager is that, in the rare case you clicked on a link in a phishing email, the password manager will not auto-populate the user ID and password, as it is not the legitimate site.” Raj Patel, Chief Growth Officer, SensCy
Password managers are an affordable safeguard, ranging in price from $40-60 per year, per employee. To help get you started in obtaining a password manager, here are two that SensCy likes based on their robust features and ease of use:
- Bitwarden Enterprise
- Keeper Business
If you found this blog helpful, read our Social Engineering: How Hackers Target Your Employees blog.