blog-image-safe-store-passwords

What is the safest way to store passwords?

As the threat of cybercrime intensifies, it’s never been more important to keep passwords safe. Over the past year, savvy criminals have been leveraging the uncertainty caused by the pandemic and the rise in remote work to breach user credentials like never before — according to the 2020 Microsoft Digital Defense Report, 70% of cyber attacks now take the form of credential phishing and BEC (business email compromise). 

 

Secure passwords form the most basic foundation of cybersecurity, yet so many of us are still guilty of using the same password across multiple accounts or relying on easy-to-guess options. One of the most common excuses for this is the difficulty of remembering multiple complex passwords. When trickier combinations are used, the problem lies in how to keep track of passwords safely. 

 

Poor password security can result in credentials being breached and sold on the dark web, where criminals will leverage them for activities like credential stuffing, which targets users who reuse a password on multiple accounts. This is easily remedied by password managers, which offer the best place to store passwords online safely. 

 

What is a password manager?

A password manager is an application that securely stores your credentials for multiple online accounts. If you’re wondering, “Is password storing online safe?”, the answer is yes — if done correctly. A good management tool will provide the option to auto-generate strong passwords, which are then stored in an encrypted database protected by a master password. This, in turn, should be secured using multi-factor authentication (MFA), which demands an additional form of authorization beyond your password, such as a fingerprint scan or a code sent to your phone.

 

Since they offer the best way to store passwords securely, password managers are an essential tool for growing SMBs. By making it easy to store usernames and passwords, they encourage the use of complex passwords and prevent employees from storing credentials in unsecured locations, such as on post-it notes or in Word documents. 

 

Most password managers offer a limited free version, but businesses can benefit greatly from multi-account, paid options. These allow for secure password sharing and company-wide password management, which is great for setting master password complexity rules, changing passwords, and controlling access to sensitive information.

 

What is a good app to store passwords?

Now we’ve established how to store passwords safely, let’s take a look at which password manager is the best fit for your business. We’ve done a comparison of four of the best-known and most trustworthy tools: 1Password, LastPass, DashLane, and Keeper, so you can decide where to save passwords for your online accounts. 

 

 

Screenshot: 1password

 
1Password (Jasco’s pick!)

At Jasco, we recommend 1Password as the best way to save passwords. It can sync your credentials across multiple devices and platforms — including mobile, browsers and applications — ensuring secure logins no matter where you are. 

 

1Password also offers the best way to manage passwords through its “vaults” function. Vaults can be assigned to specific teams to segment password sharing — for example, bank information can be shared solely with Finance, software passwords can be shared with IT, and your MSP and other third-parties can be given access purely to the accounts they need, which reduces your exposure. 

 

As well as facilitating secure password sharing and administration, 1Password protects users against breaches such as from phishing attempts, scans the dark web for stolen credentials, and can be linked to authenticator apps to enable MFA for the most secure way to store passwords. While there is no free version, most business users typically require the managerial controls of paid options on every tool. 

Overview
5/5
Key features
Price plans
Trial
Cons

Screenshot: LastPass

 

 

LastPass

LastPass not only stores passwords securely, it can also store credit card details, addresses and more. As well as syncing passwords across multiple devices and supporting MFA, this password manager enables you to log into apps on your phone, which is great for securing your device should it ever get stolen. LastPass is often lauded for its free version, however upcoming changes will remove email support and force free users to choose between desktop and mobile devices, making it less functional.

Overview
3/5
Key features
Price plans
Trial
Cons

Screenshot: Dashlane

 
Dashlane

Similarly to LastPass, Dashlane can encrypt and store a wealth of information beyond your passwords, such as delivery addresses and files. Its free option allows users to store passwords for up to 50 accounts, protected by MFA, while the paid version features alerts for breached credentials discovered on the dark web and a VPN for browsing securely via Wi-Fi hotspots. On the downside, Dashlane is one of the more expensive options for business users.

Overview
3.5/5
Key features
Price plans
Trial
Cons

Screenshot: Keeper

 
Keeper

As one of the most premium options, Keeper does not offer a free version but multiple price points are available. This tool is rich in features, such as data breach and weak password monitoring, secure file sharing, MFA, and encrypted messaging for higher price plans. 

Overview
4/5
Key features
Price plans
Trial
Cons
 

A password manager is only one element of security

These tools are important for business password management, and using them for keeping passwords safe is a great first step to ensure you can track multiple, complex credentials. Alone, or without proper usage, however, they are not enough to secure your accounts. 

 

 

Need help with cybersecurity?

If you’re looking to improve your organization’s cybersecurity, Jasco Technology is here to help. As well as offering comprehensive employee security training, we can carry out a dark web scan so you can secure any breached accounts right away. Contact us today to find out more. 

 

It is often said that employees can be your weakest link or your strongest asset — and for good reason. A lack of security training can leave your staff vulnerable to credential theft. Users should be trained in the importance of strong passwords and the use of MFA as essential security measures for their password manager accounts. They should also be informed that if a password manager does not automatically fill in the details for a saved site, they may have been directed to a fraudulent phishing page.

 

Employee security training not only assists in the proper use of password managers. It can also increase awareness and vigilance toward attempted breaches such as phishing emails, and encourage your employees to report suspicious activity before it infiltrates your organization. Training can also reduce slip-ups like writing passwords on paper or leaving desktops logged in when unattended.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top