As the IoT (Internet of Things) grows, the number of usernames and passwords we all create and somehow have to remember expands as well. Bank accounts, social media, email, even your son’s Xbox Live login details can contain credit card numbers and other private info; if this data falls into the wrong hands, fraudulent charges and identity theft can occur. While it may seem like an easy fix to just use the same password for every account, I would strongly advise against it (if someone gets your password, they will then have access to everything).
As most know, keeping a Post-it note stuck to your computer containing your login information is not ideal, nor is compiling it all in a Word document on your computer, saved under “Don’t Look.” So, what can be done regarding the safety, accessibility, and redundancy of your login information? Also, what is the best way to send and receive passwords in the workplace?
First, let’s discuss storing and securing passwords. Since we are living in the years of having an app for everything, yes, there is an app for this too. Password managers are programs that store numerous usernames and passwords and only require a single password to access them. Coupled with multi-factor authentication such as requiring a text-message or email verification, a password manager is an excellent way to both remember and safeguard the access to some of the most sensitive information sources you have.
Password managers can also fill out forms automatically, can sync across macOS, Android, iOS, and Windows, and can even scan the dark web for compromised account info as well as record shopping receipts. There are several products to choose from, including my personal favorites Keeper Password Manager & Digital Vault and Dashlane.
You can also use your internet browser to store passwords and auto-form data. While this is very effective for remembering them and simplifying the process of logging into websites, anyone who accesses your computer can then benefit from not having to remember your passwords as well.
Now, what is an appropriate method to say, securely send sensitive login credentials in the workplace?
Well, you could accomplish this by using multiple methods. You could simply write it down on a piece of paper and manually deliver it; this is probably the most straightforward and secure process as long as it is shredded after (although, nobody can guarantee that this will be done). As stated before, you could also use a password manager that keeps multiple usernames and passwords by uploading them to the program and then giving employees information on how to access it; this method would be sufficient as long as none of your personal account information is stored in it. Next, you could send the passwords through an email, such as with Gmail, using confidential mode. For further details of how to use confidential mode, see below.
- On your computer, go to Gmail.
- Click Compose.
- In the bottom right of the window, click Turn on confidential mode.
- Set an expiration date and passcode.
- Click Save.
By choosing confidential mode, you can select an expiration date which will erase the message after a set amount of time (maybe just a day or 2 and tell employees they need to access it immediately). By using a password to access the email, you can ensure nobody else can open it unless they are who you originally sent it to. Other email services have encryption options, which work in the same manner.
Of course, there are several other ways to send the data securely. You could use an encrypted USB or another form of removable storage device, however, if it gets misplaced or stolen, that information could be potentially retrieved. You could also send it via a chat service or text message on a phone. Although in this method, those messages do not get deleted often, expanding the window of possible unauthorized access.
I hope this information helps you maintain control of your access to the digital world. As losing a single password can become quite the headache, it is crucial sometimes to use tech to access tech, if that makes sense.