Password Managers - Are they safe?


Posted By: Ryan Richardson - 1/12/2022 12:00:00 AM

Stories surfaced at the end of 2021 about the password manager, LastPass, having some of its customers’ master passwords compromised.

The Vice President of Product Management at LastPass, went on to state that the alerts were “likely triggered in error” due to an issue in the LastPass alerting system that has now been fixed, but this whole situation has caused some hesitation around the use of password managers. 

DO YOU USE A PASSWORD MANAGER IN YOUR BUSINESS?

At Runbiz, we recommend it. We believe that the advantages of password managers far outweigh any risk, especially when you secure your account with multi-factor authentication.

Let’s start by telling you what a password manager is and how it works.

Most people have dozens of online accounts and services they currently subscribe to or have used in the past. This number is typically much larger for business owners and managers.

To login to each of these, you need your email address and a password. These details – along with something called multi-factor authentication, where you enter a code from another device to prove it’s really you – are the main weapons stopping cyber criminals from accessing your accounts.

These services all require you to sign in with an email address, a password, a sometimes a second device for multi-factor authentication to ensure that it’s you and not a bad actor. These are all of the factors that stand in the way of unauthorized users getting into your accounts.

For years now, scammers have found it easy to get email addresses, with them being widely available across the internet, but recently they have become very smart about guessing password. Most use automation tools to help their efforts along.

There are several common ways that someone would land on your password. The first being a common word attack. This is where they will try out thousands of common words as the password. It tends to work well against people who use their kid’s name, pet’s name or even their favorite football team’s mascot.

Another approach would be what is known as a brute force attack. This combines millions of combinations of random characters.

The most effective way for someone to access a wealth of information, is to discover a password you use on one account, then try it on all of your other accounts. If you are one of the many folks that reuse passwords on a regular basis, one account breach could lead to major trouble for you.

There are some simple best practices for creating passwords that prove to be very effective:

  • Use lengthy, random passwords or full-on sentences (such as “$unshine@Th3BeachisN1ce.”)
  • Don’t write out your passwords or store them anywhere that is not encrypted
  • Avoid using the same password on multiple accounts

It’s easy to be aware of best practices but putting them into action is a challenge. Keeping up with multiple passwords and remembering which account they belong to is probably not going to happen. And we all know that resetting your password every time you try to log in is flat out annoying.

So, to make life a little easier, people compromise on these best practices and simplify.

Some of your employees will probably use weak password. Others might use the same one for everything. Or worst-case scenario, Bill from accounting leaves his password on a sticky note plastered to his monitor. 

This is where a password manager comes in and makes the burden of these best practices more realistic and convenient.

When you create an account or it’s time for a new password, it will randomly generate a very long password (ideally at least 16 characters), that is tough for the human eye to even read. It also scatters in special characters such as %, $, and @.

Best of all, it remembers the password, and when it comes time to log in, you don’t have to type a single letter. It will autofill the password for you.

WHAT ARE THE CONS OF USING A PASSWORD MANAGER?

Most hesitation revolves around storing all your passwords in a single place. In theory, if someone were to hack your master password, they would have everything at their fingertips. But there are several layers of protection that we always recommend using. This starts with creating a very strong master password that uses the best practices we covered above. This is the only password you will have to remember, so you might as well go above and beyond. Second, enable Multi-Factor Authentication on all your accounts. Finally, when it’s available, turn on Face ID.

Can you eliminate every ounce of risk that comes with using a password manager? No. There is no 100% full-proof method with anything cyber-security related. Is using a password manager safer than not using one? We believe so, which is why we recommend them organizations that we serve.

Password managers make good cyber-hygiene realistic and attainable for busy people.

If you want our recommendation of which password managers to investigate, reach out to us here on our website and we will point you in the right direction.

WHO IS RUNBIZ?

Run Business Solutions is an IT managed services and website services provider based in Amarillo, TX. We support small to mid-sized businesses both regionally and throughout the country. We pride ourselves on helping businesses leverage technology, not just tolerate it. Runbiz is focused on enthusiastically providing excellent technical strategy, services, and solutions that drive our customers' businesses forward. We are passionate about our mission to empower you to do what you do best. 

To learn more about our approach to IT, visit our Managed IT or Co-Managed IT pages. If you are looking to revamp your website to look and perform better, visit our website services for more information.

To speak to a member of our team, fill out the consultation form! We would love to learn more about your company, your technology needs, and how we can address the unique challenges you face.

Recent Posts

Runbiz U


Run Business Solutions is an IT Managed Services and Website Services provider based in Amarillo, TX. Since 2007, we’ve supported small to mid-sized businesses both regionally and throughout the country. We pride ourselves in helping businesses leverage technology, not just tolerate it. Runbiz is focused on enthusiastically providing excellent technical strategy, services, and solutions that drive our customers' businesses forward. We are passionate about our mission to empower people to do what they do well. To learn more about our approach to IT, visit our Managed IT or Co-Managed IT pages. If you are looking to revamp your website to look and perform better, visit our Website Services page for more information. CULTURE AND CORE Teamwork is the bedrock of the runbiz™ culture. We believe that every team player is what makes Runbiz successful. Our culture and core values are what set us apart. We must be a group of exceptional team players if we are to be an exceptional company. We believe in empowering our team, not only with the tools necessary to get the job done, but also with the confidence and freedom to do the right thing for our customers and teammates. We each understand the essence of our roles, we are motivated by empowering people to do what they do well and have clarity on how to play a part in the vision. We strive to live out the following core values daily: Kindness – We are caring, respectful, and patient. Integrity – We are honest, dependable and we do the right thing. Excellence – We are learning, improving, and exceeding expectations. Servant Heart – We are humble, helpful, and positive. Teamwork – We are team players and playing to win. You website can be a powerful tool for your business. However, if your potential customers cannot find it or cannot find the information they are looking for on it, they will likely return to Google and find another site that provides what they are looking for. We offer you the tools to take control of your website's content. Ensure your placement in Google's ranking and increase your leads and conversions by keeping your content up to date and relevant with runCMS. runCMS does not rely on third party plugins that are prone to breakage. Instead, it is actively developed, hosted, and supported by the friendly and experienced staff at Run Business Solutions. That means that you don't need to worry about dealing with hard-to-reach, unreliable web hosting companies. runCMS is powerful and easy to use. We would love to show you how it works. Powerful Tools RunIT CMS gives users powerful and easy to use tools to make managing website content easy. These tools are managed independently and the pages update automatically. This reduces (if not eliminates) the need to use third-party tools to accomplish goals. However, RunIT CMS allows for complete integration with custom CSS and JavaScript. Galleries A Gallery is a collection of images. RunIT CMS gives users the ability to create multiple Galleries. Users can upload and re-size image and add them to a Gallery. Images can be re-ordered, deactivated and given a hyperlink. ALT tags are fully accessible. Galleries can be added to pages as thumbnails, slideshows, or thumbnail slideshows. The slideshow is powered by the Nivo Slider by Dev7studios. Libraries A Library is a collection of Resources. A Resource is a file with a Title and Description. A Library could be seen as a collection of files made available on a website with a title and description. Library Resources can have an expiration date added which will cause them to no longer appear on the website when the expiration date passes. Libraries can be added to pages as simple lists of Titles that are download links or as tables with the Title, Description, File Name, and a Download button. Library downloads are tracked and are reported in the Analytics Dashboard. Blogs Blogs are a great way for users to publish fresh content to the world. RunIT CMS includes a Blog tool with Categories. Blog Posts can have a cover photo, can be deactivated, and are edited with the Custom Content Editor. Blog Posts have an optional expiration date. All non-expired, active Blog Posts are added to the site's automatically generated sitemap.xml file and the site's RSS feed. Blog Posts can integrate with Calendar events, allowing users to create a blog post and a Calendar Event at the same time. Calendars No full-featured CMS is complete without a calendar. The RunIT CMS Calendar tool allows users to create multiple calendars, each having a name and a custom color. Events can easily be added to a Calendar. Events have a Title, Description, Start Date/Time, End Date/Time, option for All Day Event, Reminder Date/Time, and RSVP Required. The Calendar displays on the page as either a calendar or a list of events, each being hyperlinks that open details about the event. If RSVP Required is selected, the event details will allow users to RSVP. RunIT CMS Custom Content Editors are present throughout the system. They are WYSIWYG (What You See Is What You Get) editors that allow for content to be added and formatted in a Microsoft Word like manner. Our editor is one of the best on the market. RunIT CMS Custom Content Editor Toolbox The Custom Content Editors include a wide array of features for formatting text, pasting from Word, and pasting as HTML. Users can apply a CSS class from the site.css file to images and text. There is a full multi-level undo/redo mechanism with action trails like Microsoft Word. The editor includes a spell checker, find and replace tool, and a table builder. The editor also includes a powerful hyperlink manager, image manager, and document manager. The image manager allows users to edit images. The RunIT CMS Custom Content Editor produces clean, semantic HTML markup that users can view or edit with the click of a button. This allows for advanced users to embed videos, add custom scripts or styles, and generally take total control of how the HTML is going to look. Content Blocks There is no reason to repeat the same action (such as copying and pasting) to update multiple pages. No one enjoys manually updating each page of a website in order to update a hyperlink or an image. It is our goal to eliminate duplicate work when it comes to editing web content. That's what Content Blocks are all about. A content block is a piece of formatted content that can be added to pages and updated in one place. Content Blocks are edited with the Custom Content Editors, giving users complete control over the formatting (and advanced users control over the actual HTML). An example of a use case for a Content Block is a navigation sub-menu that exists in a subset of pages. Another example is a YouTube video that needs to be displayed on many pages and is subject to change. Site Layout Users have complete control over the way their websites look. Everything contained in the tag is editable using a Custom Content Editor. The system includes several macros for the purpose of adding the site navigation and page content in any place desired. There are also macros to get the site root, the current date/time, and to add CMS tools to the layout.know your purpose. We take the time to understand who you are as an organization to determine how we can best serve you. Our goal is that the products and services we offer, allow you to thrive in that purpose. empower your people. In order for your organization to reach it’s maximum operational potential, you need the right tools. Technology is always changing, and we stay ahead of the curve to empower your people with best products and support to reach your objectives safely and efficiently. run your business By implementing best practices and our extensive specialized knowledge, we free you up to focus on what you do best. We eliminate costly, unnecessary distractions and downtime, giving you the predictability and confidence you need to run your business.