Columns and Blogs

Technology Tip
Dave Pelland has extensive experience covering the business use of technology, networking and communications tools by companies of all sizes. Dave's editorial and corporate experience includes more than 10 years editing an electronic technology and communications industry newsletter for a global professional services firm.

Effective Password Management for Small Businesses

Effective Password Management for Small Businesses

As more small businesses embrace the power and flexibility of cloud-based applications, the need to manage those account passwords is becoming more important.

Most small business have a variety of accounts for their online banking, accounting and invoicing, orders and inventory, and customer relationship management. As the number of accounts and passwords expands, many companies adopt bad security practices such as using simple passwords on their accounts or using the same user credentials for different services.

Weak passwords can be guessed by automated hacking tools but, despite this risk, too many users reply on insecure passwords including “123456,” the names of local sports teams or even “password.”

Similarly, using the same credentials on a number of sites creates a security risk if one of the sites experiences a breach. Hackers then sell the credentials, which other hackers race to use on other sites and accounts.

A password manager program reduces your security risk while making it easier to track passwords by performing several important functions. Password managers:

  • Generate and store stronger passwords than a person could (typically a long string of characters that looks like gibberish but offers high security by being very difficult to guess)
  • Load log-in details for accounts, saving you the time of writing down or looking up details
  • Warn users against weak passwords
  • Track all user IDs and passwords, and warn about repeated credentials
  • Sync log-in credentials between computers, browsers, mobile apps and sites.

Password managers typically operate either as small background programs that launch when the operating system loads, or as browser plugins. You establish a master password to protect the information stored within the manager. It’s important to save this password, because it can’t be recovered if you forget or lose it – meaning you’d have to change your password manually on every site you visit.

Password managers can also save form data, such as your company name and delivery address, saving you the time of retyping this information over and over. While your browser can also store this information, it’s safer to use a password manager because the information will be stored in encrypted form.

The software can also store notes, such as the responses you use for security questions that sites ask you to answer in case you need to recover your account log-in. Security pros recommend using fake information when you answer these questions, and password managers offer a safe location for storing these details.

In a small business setting, password managers help companies track the many accounts their team members are using. Most offer a centralized dashboard that makes it easy to add and remove members as you need to.

Multi-Factor Authentication

Another helpful feature in making your password more secure is using two-factor authentication on any sites that offer it. This offers an additional layer of protection for your account by sending a code, typically as a text message, that you have to enter as you log into a site.

Two-factor authentication offers additional protection in case your login credentials are compromised because the odds are small that a hacker would have your user ID, password and mobile phone at the same time.

With the help of password management software and good security practices, you can significantly reduce the risk of your accounts being breached.

Read other technology articles