In today’s increasingly connected world, cybersecurity and the protection of your business data are of paramount importance. As a result of the steady increase of cyber attacks affecting UK businesses in recent years, businesses are taking steps to tighten up security measures, implementing multi-layers of defence.
One of these security measures is by ensuring password use and management are of the highest standard. Weak passwords can allow cyber criminals an opportunity to breach your network, accessing or stealing data without much difficulty. Unfortunately, many people choose passwords that are easily guessed and cracked by malicious actors, such as their pet’s name or their birthdate.
Current recommendations are to use long passwords with a mix of special characters, numbers, and letters in both upper and lower case. This makes the password far harder to guess and reduces the risk of networks being compromised.
Employees required to log into different sites or applications often find it challenging to remember which password they need, which leads to the temptation to use the same password for each login request. This is when a password management tool can help.
Password managers – what are they?
A password manager is a tool that can generate and store complex, unique passwords. The password generator uses algorithms to produce lengthy, unpredictable and strong passwords made of special characters, upper-case letters and lower-case letters. A generated password is unique with little chance of being guessed or cracked because of the unpredictability factor. The manager then stores the passwords securely in the password vault so you don’t need to remember the username and password combination for all sites and apps that you access.
Password managers can be accessed through browser extensions or apps and there are a few options to choose from, some of which require a subscription and others are free. Google’s free password manager is very popular as it can be used on iOS and Android devices, but how secure is it?
Google password manager
Google Chrome has Google’s password manager built-in, so it is available on all devices once you install the Chrome browser and sign in to your Google account. There is no need to install third-party software or pay any fees to subscribe. The Google password manager also offers to save passwords automatically, and auto-fills passwords from one device to another when syncing with a Google account. It can also check passwords that might be problematic as well, increasing your awareness of possible security vulnerabilities.
Is Google password manager secure?
It is better to use a password manager than not at all. However, Google was designed as a browser, not a full-service password manager, so it is not the most secure method of generating and storing passwords.
Lack of encryption
Google depends on your device’s local encryption system to keep your password data secure. Your password security is directly tied to your device’s safety with browser-based password managers. Dedicated password managers such as LastPass require an extra layer of security, like multi-factor authentication, to access username vaults.
Vulnerable authentication
Another issue with Google Password Manager is authentication, as anyone who gains access to your browser can access all of your accounts without having to provide any verification. Dedicated password managers require you to log in separately with a separate master password that locks automatically after a certain amount of time. Malicious actors are also able to impersonate websites that you may visit and when Google auto-fills login credentials, these can be stolen.
Weak passwords
One of the best features of password managers is the ability to generate complex and unique passwords. Unfortunately, the Google Password Manager doesn’t have the option to customise the generated passwords and they’re not very unique. With weaker passwords comes a greater risk of being targeted by malicious actors and your network breached.
Secure passwords matter
To protect sensitive customer data and shield private business information from prying eyes, choosing the best password manager should be a priority. Basic protection against fraud and malware attacks is necessary for any company as the risks of data breaches are rapidly growing. Small to medium-sized companies are increasingly becoming targets for such attacks. Businesses have the option of implementing fully-featured, password managers that can consolidate passwords and share them among users who need access. This is beneficial for shared accounts or when an employee leaves the company. They also integrate with single sign-on (SSO) solutions that provide comprehensive security for your business needs. The managed security experts at INTELLIWORX can ensure your business has its first line of defence ready to protect your data so you can focus on your core business.
