Password security is teamwork
Passwords are being cracked more and more frequently. Nevertheless, passwords remain the most important method of protection against unauthorized access. In order to be able to increase password security in the company, teamwork is required.
No matter how often access data is compromised these days: the classic combination of user name and password will remain with us for a long time. The use of additional safety factors is simply too complex and too expensive for the providers of numerous applications. Users should therefore continue to come up with passwords that are as complicated as possible and ideally not use them more than once.
Many organizations are already using managers to help employees generate and remember strong ones. While this is a good first step, the work is far from over.
Recommendations for action
The manager should definitely actively inform about endangered or already compromised logins. In this way, the end users as well as those responsible for IT recognize at an early stage which access data are already in circulation. You can take timely countermeasures, reducing a potential attack vector.
Another useful function of password managers is the cross-domain provision of information about compromised and thus vulnerable objects. This represents another lever that IT managers can use to track down potential data leaks, attack vectors and endangered data.
Password managers only fully develop their benefits for IT security if they are used by as many employees as possible. In order to achieve a high level of acceptance, the use of the company’s own password manager can also be released for private use. In addition, some managers such as 1Password also offer IT managers the option of recognizing who has not used the password manager for a long time. If there is a suspicion that employees have set up their own shadow IT by using external services, they can be specifically addressed.