If your marketing team isn’t using a password management tool yet, it should be. Not only can one save you an immense amount of time, but it may be the very thing that prevents your company from going out of business. Intrigued? Give me five minutes, and I’ll explain how this simple security tool works, why you’ll never go back once you try one, and how to select the best password management tool for your needs.
What is a Password Manager?
At a basic level, password managers store your login credentials. They keep them secure inside a password vault and save you the trouble of remembering multiple passwords. A single self-service password management password tool can work on all your mobile devices, laptops, and desktop, saving you from the dreaded password reset button and providing peace of mind. While capabilities differ across platforms, many will automatically fill forms for you, suggest strong passwords, and help keep your sensitive data protected from cybercriminals too.
The concept can be further split into privileged user password management, which is more of an enterprise-level technology type. Instead of simply helping manage passwords, privileged user systems monitor all programs. Some can tell you which passwords your employees are using in programs outside of your password manager, help ensure regulatory compliance and more.
Dangers of Leaving Password Management to Employees
People are bad at creating passwords. It may sound harsh, but 23 million account holders use the password “123456” per DataProt. Their research shows that the average password has eight characters or less. That means, should a brute force hacker want access, they’ll be in the account within eight hours, according to tech guru Kim Komando. Most passwords take an hour or less to crack.
People recycle passwords. Despite being the least likely group to recycle passwords, 60 percent of Baby Boomers do it anyway, per Harris polls. Gen Z takes the lead, with 78 percent sharing passwords across multiple accounts. Considering more than 22 billion records were shared on the dark web last year alone per ITP.net research, at least 13 billion compromised credentials unlock other accounts.
People use the same passwords for personal use and work. About half the population recycles passwords between work and their personal accounts. If your company forces password updates at pre-determined intervals, most only change a digit per Hyper. That’s not enough to keep your data and programs safe.
People make mistakes. Two-thirds of data breaches are “inside jobs,” according to Cybersecurity Ventures. The company says the people behind this latest cybersecurity crisis aren’t necessarily bad employees or even trying to let secure info out, but they may unintentionally share things or fall victim to phishing schemes. A password management tool can be a helpful component of a comprehensive access management strategy that eliminates many of these concerns. Plus, some come with helpful tools that can identify many phishing pages designed to steal password information, helping reduce cybersecurity risk even more.
People can be careless. Without someplace to store passwords securely, most people will resort to unsecured methods, such as post-it notes and spreadsheets.
Why You Need Enterprise Password Management
The average marketer uses 12 different tools, according to HubSpot data. Nearly one in ten marketers use 31 or more tools. This, by itself, can be overwhelming, but bear in mind this only references marketing tools such as social media accounts, email marketing platforms, and CRMs. It doesn’t include project management tools, time tracking apps, file management programs, and so forth that add to the total number of passwords a marketing team needs. Let’s face it. If you’re not using a password management tool and you have this many accounts, there’s no way you’re using unique and difficult-to-crack passwords across them all and refreshing them as needed to keep hackers out. Single sign-on (SSO) options help, but not all platforms offer them, and SSO doesn’t help with all the human-caused issues.
Hacking is a major concern too. Almost 50 percent of small businesses have been cyber-attack victims per research presented on Inc. Within six months of an attack, as much as 60 percent will go out of business. Passwords are an easy target in this regard. Simply put, your company needs more security than your employees, or a traditional tool can provide.
Enterprise password management tools also give your company more control over the types of passwords being used and who has access to what. Some will even allow you to share a password or groups of passwords with a user but not give them the actual password. This is helpful if your whole team uses a single login for a program that doesn’t require the security afforded by separate logins, such as certain design programs. It’s easy to remove access as needed to safeguard your data when individuals leave the company too.
Your marketing efforts and company reputation could be lost in a single breach. Imagine waking up one morning to find your social media accounts littered with posts you didn’t make, your outboxes filled with messages to your clients you didn’t send, or your website loaded down with malicious pages. It doesn’t matter if the hacker never got sensitive data. Trust will erode, you may lose business, and your ranking on search engines like Google may tank, or your listing may come with a warning that the site’s been hacked. As the outward face of your company, your marketing team must be especially cautious to avoid a breach.
Password Management Market Growth, Trends, COVID-19 Impact, and Forecasts (2021 – 2026)
Historically, companies like Avatier, Broadcom (CA Technologies), FastPass, Core Security Technologies, Microsoft Corporation, IBM Corporation, and SonicWall have dominated the password management market simply because people tend to be wary of trusting new entities with their sensitive data.
However, with the rise in work-from-home arrangements, the blurring line between work and personal life as the “always-on” culture persists, and the increasing risks to companies, the password management market has been rapidly expanding in recent years. Presently sitting at $1.2 billion, market dynamics are expected to push the industry to $3.1 billion globally by 2026.
Features to Look for In a Password Management Solution
Reputable platforms will base their password requirements around the National Institute of Standards and Technology (NIST) guidelines. As it’s the primary standards organization of the United States and sets the information security standards for federal agencies, it’s the one to look to if your organization must be compliant with guidelines like HIPAA, FISMA, and SOX. In addition, the agency issued a new set of digital authentication guidelines a few years back that included details such as having an eight-character minimum for user-generated passwords and allowing users up to at least 64 characters.
Beyond NIST adherence, you’ll want to look for features that enhance security and make password management easier. A few examples are covered below.
Multi-Platform/ Operating System Compatibility
At a bare minimum, the password manager should work on Windows, Mac, Android, and Apple devices. In today’s “bring-your-own-device” culture, there’s no telling what type of device a team member might be using at any given time.
Although the most popular options are all cloud-based, it’s worth double-checking that the one you’re choosing is, so you don’t have to worry about syncing or which devices have which passwords.
Although most people create manual passwords that can be cracked in under an hour, a good password generator will suggest secure passwords that will take years to crack.
Master Password Recovery
Each user will have his or her own master password that provides access to the tool. For ease of use, you may want a self-service password recovery option that allows employees to reset their own forgotten password, but it’s also helpful to have a password reset option at the admin level too.
Consider choosing a service that uses two-factor authentication or multi-factor authentication for enhanced security.
End-to-end or zero trust encryption is another big one, as it keeps passwords encrypted while they’re not being used and while they’re being sent, so your data is even safer.
If your team routinely shares privileged items like contracts, you may want to select an option with file storage and sharing.
Certain tools your team leverages, such as social media logins and CRM logins, really should be tied to each user. That way, you can easily see who touched what if an audit is needed. However, if you work with programs that aren’t sensitive, the ability to share passwords or groups of passwords based on someone’s role can be a huge timesaver.
Examples of Password Management Solutions
Now that we’ve covered what password management solutions do and how they can help your marketing team, let’s look at some of the actual tools you’ll find.
One of the best-known platforms is 1Password. It offers integration with other business tools and has a multitude of features. There are options to purchase by the user or in groups, as well as a free trial.
Often listed alongside password management tools, BeyondTrust is actually privileged access management software (PAM). While it does offer password management, it also gives more robust tools intended for use by an IT department, such as analytics, session logging, and enhanced monitoring. For example, in monitoring privileged accounts, it helps keep your company protected against more data breaches.
One that gets a fair amount of press for being free is Bitwarden. As one would imagine, the free version is fairly stripped down and cuts off at two users. However, it has a good reputation and isn’t a bad place to start if your team is very small or doesn’t require advanced features.
Like Beyond Trust, Centrify falls within the privileged access management software bracket. While it will manage your passwords, it hangs its hat on safeguarding your company against privileged access abuse. That means the software is always monitoring users who have been granted access to things to ensure they’re using them within the scope of their intended purpose or role and that they’re not performing actions that could put the company at risk.
CommonKey | Team Password Manager
One of the latest products to hit the market is CommonKey. It works differently than many of the others outline here because it’s purely a browser extension designed to work with your cloud-based applications. It offers most of the features some of the larger platforms do, such as easy management of your team, and has a user-friendly interface. Although it’s not compatible with all major browsers yet, it’s one of the most affordable options, and there’s an option to get started free.
Most teams want a cloud-based vault with automatic syncing between devices to save time and headaches. However, if you’re the type that feels better keeping your passwords locally, Dashlane is worth a look. The admin dashboard also has a panel that shows you the password health of your team members and details like who is using weak passwords. It also has an active directory of compromised passwords and alerts you if a team member is using one.
If you’re looking at the more robust platforms, Keeper Security might be worth a look too. It sets itself apart with easy deployment of passwords across groups and works with some unique operating systems, including Kindle and Blackberry, in addition to the more common ones.
Over the years, 1Password and LastPass have been fighting neck-and-neck. When one tops the other in an area, the trailing one does an update that matches it or beats it. The two are comparably priced and offer many of the same features, and both have free trials. However, LastPass offers a password import option, and its Windows interface is sometimes considered superior.
You may hear the name ManageEngine while you’re searching too. It’s another privileged access management software provider that runs neck-and-neck with Centrify. However, users typically rate it a little lower on features and a little better for pricing.
Pleasant Password Server
If you’re a DIYer with technical prowess or have an IT department, you can use Pleasant Password Server with KeePass or Password Safe to create a more customized and locally hosted solution.
RoboForm For Business
If you’re looking at options like 1Password and LastPass but don’t like the price, you might be happy with RoboForm. It offers all the basic password management tools for teams for just a few dollars per month.
Zoho Vault Online Password Manager for Teams
Zoho offers a huge suite of tools that can either be purchased individually or as a group under the Zoho One name. The latter includes everything from website builders through a CRM and email marketing tools. So, if you’re a Zoho One user, you can use Zoho Vault without paying anything extra, or you can purchase it individually fairly inexpensively. The company tries to contend with companies like LastPass and 1Password but doesn’t quite have the same ease of use. It does, however, integrate with other password tools. That means if you need mobile device password protection and your current service doesn’t offer it, but you don’t want to switch, Zoho Vault may give you the functionality you need.
Get Help Modernizing Your Marketing Team
Successful marketing teams are highly collaborative and leverage a variety of tools. They also operate more expeditiously and protect their hard work by using a password management tool. As a business and digital marketing consultant, I help small and midsized companies find the right resources for their needs and take their marketing strategies to the next level. If your organization is struggling to take the next step or you know you’ve got gaps but don’t know what they are or how to correct them, we should talk. Contact me for a complimentary consultation.