Technology Tip
Dave Pelland has extensive experience covering the business use of technology, networking and communications tools by companies of all sizes. Dave's editorial and corporate experience includes more than 10 years editing an electronic technology and communications industry newsletter for a global professional services firm.

Small Business Password Management and Multifactor Authentication

Small Business Password Management and Multifactor Authentication

With many small businesses relying on cloud applications and remote work, passwords are essential to their day-to-day operations. This importance makes effective password management and multifactor authentication (MFA) vital to getting work done and protecting sensitive company information.

Password management tools increase small business cyber security by generating and storing strong passwords. Multifactor authentication adds a layer of security by prompting users to enter additional information besides their password, meaning an account will be protected even if a hacker steals the user ID and password.

Both tools increase security on their own and offer tremendous benefits when they’re combined.

Stronger, Centralized Passwords

One of the primary benefits of a password management program is the ability to generate, store and enter stronger passwords than users are likely to choose on their own. A common security challenge is people using easily guessed passwords, or using the same password on multiple accounts. If one account gets compromised, others soon follow.

In contrast, a password management program will generate a strong, difficult-to-guess password and store it in a centralized "vault" so users don’t need to remember that password to use it. When users access a site, the password manager will enter the appropriate login credentials.

This feature helps small businesses reduce the risk of accounts being compromised, accessed by unauthorized users, or systems being breached through improper password management. Instead of users having to remember numerous passwords or storing them in unsecured files or spreadsheets, password management software securely protects all of your passwords in one place.

It also protects small businesses against compromise from users relying on passwords based on birthdays, pet names, or other information that’s easy to guess or research online.

Secure password vaults are protected by a master password that must be guarded carefully to prevent an unauthorized user from gaining access to all of the user’s passwords. Despite this risk, however, it’s easier to remember one secure password than dozens of weak ones.

A related benefit for small business owners is that the login credentials for shared cloud accounts can be stored in a central location, allowing you to add or remove users easily. If a team member leaves your company, for instance, their access to your accounts and data can be revoked with a few mouse clicks.

Popular password management software choices for small business accounts include Dashlane, 1Password, LastPass and others.

Multi-Factor Protection

Multifactor authentication is another important component in protecting cloud accounts by reducing the risk of unauthorized access. MFA tools combine passwords with additional information, such an access code that’s texted to a user’s smartphone or displayed on a security fob, meaning that accounts can’t be accessed even if an unauthorized user obtains a legitimate user ID and password.

MFA offers strong protection against "credential stuffing" attacks using stolen ID and passwords. Unless the hacker also obtains the user’s phone or security device, the log-in credentials will be useless.

Depending on your company’s industry, MFA can also increase regulatory compliance and insurance company expectations. For instance, the Payment Card Industry Data Security Standard (PCI DSS) requires businesses that process credit card payments to protect employee accounts by using MFA.

Similarly, a growing number of insurance carriers are requiring the use of MFA during the underwriting process for cyber insurance policies.

Together, MFA and password managers can increase the security of your cloud accounts and reduce your cybersecurity risks.

Read other technology articles