How To Securely And Safely Share Business Passwords
As account takeover continues to be one of the major causes of data breaches, we outline how you can securely share enterprise passwords.
Your password must be unique, between 8 and 30 characters, and must contain at least one number and special character. You should not share this password with anyone!
These are often the instructions we are given when we create a new account. We’re constantly told and told again that we shouldn’t share our passwords with anyone – especially the passwords for sensitive work accounts.
This is the security ideal but, unfortunately, reality will often get in the way. In fact, a study found that almost 70% of us share passwords with others in the workplace on a regular basis.
It’s unavoidable that there will be times in every organization where you will need to share account access with a colleague. It may be sharing access to a social media account, a company bank account, an online service or any number of other cloud-based applications.
This will be an everyday occurrence in small businesses, but even in large organizations there will be times where one account has to be shared between multiple people, and it’s important that when these credentials are shared, it’s done securely. In this article, we’ll outline how to share passwords securely.
Why Is It Important That You Share Passwords Securely?
Obviously there are easy ways to share passwords; methods you probably don’t need to read this article to work out. You can write them down on a sticky note in the office, or paste them in a shared file. In our new normal of working at home, you might have gotten used to sharing passwords in a Slack or Teams channel, or maybe just through email.
But this is of course not secure and, when you share passwords this way, you could be putting critical business accounts at risk.
Stolen passwords and credentials are one of the leading causes of data breaches; they’re the reason for almost 80% of successful attacks. The reason for this is simple – passwords can unlock vast amounts of data, but they are just not very secure.
Most people have over 100 passwords to remember, so they will understandably often reuse the same passwords across multiple accounts, or use simple passwords that are easy to remember, but also easy to guess. People are also susceptible to phishing attacks, which involve cyber-criminals impersonating a trusted source and asking for sensitive passwords by .
But even the strongest passwords won’t stop cyber-criminals if we don’t send them securely. When we share passwords with multiple people via insecure channels, we are making it far easier for cyber-criminals to gain access to our accounts.
This is because these passwords can easily be intercepted, stolen in phishing attacks, or accidentally shared with the wrong people, all of which can lead to data loss or data breach.
Shared accounts are also unlikely to have multi-factor authentication enabled, because MFA doesn’t work effectively when one account needs to be accessed by multiple people. This means anyone armed with just the password can gain access, making it all the more important to ensure the password itself is protected.
In addition, when you share passwords over unsecured channels, admins have no visibility over who has access to what accounts. If something goes wrong in a shared account, or if a data breach did occur, admins will have no way of tracking where the breach happened and, if the password is changed, they could even be locked out of company accounts altogether.
So, How Can You Share Enterprise Passwords Securely?
Enterprise password management solutions make managing credentials far easier, by allowing you to generate random, complex passwords, store them in a secure encrypted password vault, and then easily retrieve them when you need them.
They also make sharing passwords with colleagues quick, easy and secure, with full admin oversight into where passwords are being shared, and controls to stop passwords from being sent outside of the organization.
With a strong password management solution, admins should be able to assign account permissions to users to allow them to share passwords with selected people. Users should then be able to assign a level of security to these shared passwords, such as making them read-only, or even not letting them be read at all, only allowing the recipient to access the password when they are logging into the account.
Admins also should be able to set up teams and groups within the password manager to allow passwords to be easily shared across departments. This means any new team members will automatically be able to access new passwords. Admins can also get full visibility into which team members have accessed which passwords, and how secure the passwords in the vault are.
Importantly, password managers should make it easy to store and share passwords, encouraging better password habits, protecting your business against account compromise and helping you meet compliance obligations.
How Can You Find The Right Password Manager For Your Business?
There are three important features to consider if password sharing is one of the top reasons you’re looking at an enterprise password management solution.
Ease of use – It should be extremely easy for an end user to start sharing a password with a group or with another individual user. It should also be easy for admins to set up these groups, and for them to see where passwords have been shared. The important point to remember is if the system is not easy to use, people won’t use it; they’ll continue to share passwords through unsafe channels instead.
Admin Policies – There should be a range of admin policies available to help you manage password sharing. You should be able to set controls on individual users, on individual account passwords, and on overall groups to limit how passwords can be shared across the organization. You should also be able to set policies defining how secure a password needs to be and how often it needs to be changed.
Secure Architecture – Password managers should be built on a secure architecture that protects data in transit and at rest. For password sharing, it’s important that passwords are encrypted and decrypted using public-key cryptography with keys unique to each user, which ensures that only the correct person can access shared passwords. We also recommend using password managers that store passwords locally on your device, which prevents passwords in the vault from being compromised, even in the case of a data breach against the vendor.
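The per-user public-key sharing described under Secure Architecture can be sketched as follows. This is an added example, not code from this article or from any vendor's product; the function names, the choice of RSA-OAEP with AES-256-GCM, and the sample password are assumptions made for illustration.

```javascript
// Added example: share one vault entry using per-user key pairs (Node.js built-in crypto).
const crypto = require("node:crypto");

// Each user has their own RSA key pair; the private key stays on their device.
function newUser(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  return { name, publicKey, privateKey };
}

// Assumed algorithm choice: RSA-OAEP with SHA-256 for wrapping the item key.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Encrypt the password once under a random AES-256-GCM item key, then wrap
// that item key separately under each recipient's public key.
function shareSecret(label, password, recipients) {
  const itemKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", itemKey, iv);
  cipher.setAAD(Buffer.from(label)); // bind the ciphertext to its entry label
  const ciphertext = Buffer.concat([cipher.update(password, "utf8"), cipher.final()]);
  const wrappedKeys = {};
  for (const r of recipients) {
    wrappedKeys[r.name] = crypto.publicEncrypt({ key: r.publicKey, ...OAEP }, itemKey);
  }
  return { label, iv, ciphertext, tag: cipher.getAuthTag(), wrappedKeys };
}

// A recipient unwraps the item key with their private key, then decrypts.
// Returns null if the user has no wrapped key or any unwrap/integrity check fails.
function openSecret(record, user) {
  const wrapped = record.wrappedKeys[user.name];
  if (!wrapped) return null;
  try {
    const itemKey = crypto.privateDecrypt({ key: user.privateKey, ...OAEP }, wrapped);
    const decipher = crypto.createDecipheriv("aes-256-gcm", itemKey, record.iv);
    decipher.setAAD(Buffer.from(record.label));
    decipher.setAuthTag(record.tag);
    return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]).toString("utf8");
  } catch {
    return null;
  }
}
// Constructed demo: shared with alice and bob only; mallory gets null.
function demo() {
  const [alice, bob, mallory] = ["alice", "bob", "mallory"].map(newUser);
  const record = shareSecret("social-media", "constructed-Passw0rd!", [alice, bob]);
  return [alice, bob, mallory].map((u) => openSecret(record, u));
}
console.log(demo());
```

The server storing such a record holds only ciphertext and wrapped keys, so it cannot read the password itself. Removing a recipient means deleting their wrapped key and also changing the password, since they may already have seen it.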
In addition to helping you share passwords securely, password managers should also make it easy to add and change passwords, see password health, and track when passwords have been breached.
To help you find the right password manager for your business, Expert Insights have put together a guide to the Top 10 Password Managers for Business. In this article we compare ease of use, features and pricing of the top 10 enterprise password managers.
Sharing passwords with colleagues is unavoidable. But when it’s not done safely, your business could be at risk of data or financial loss.
To help make sharing passwords both easy and secure, we recommend using a business password management platform. These allow users to store passwords in a secure, encrypted vault, where they can also be shared to other colleagues in groups or teams.
There are a number of enterprise password management solutions available, including Keeper, Dashlane and LastPass. To help you compare these solutions, and find the right service for your organization, we’ve put together a guide to the top 10 Password Managers for Business.