It may not be something on your radar, but let’s talk about why it should be.

Your staff are signing up and logging in daily, to an assortment of online vendors, subscriptions, credit or banking companies, social media websites … you name it. Most of them, I would guess, are legitimate business websites that are important to their job.  Some of them might be personal websites – email, banking, shopping, etc.

A few things about how they currently save those passwords:

  1. If they are stored in the browser (like Chrome), they can be accessed from their home computers. Not just the personal logins, but the business logins as well.
  2. If they are stored in the browser, it’s fairly easy for anyone with a little bit of IT skills, to pull those passwords out and use them – without your knowledge.
  3. If they are not stored in the browser – how are they being tracked? In an Excel spreadsheet or Word document named “Passwords?” – you’d be astonished how common this is. And what would a hacker search for first, once they get onto a network undetected?  Yes, anything with the word “password” in it.
  4. If they’re not stored in the browser or a document on their desktop or server, how about the stickies on the underside of the keyboard? Top drawer of their desk? Or our favorite – a stickie right there on their computer monitor (we’ve seen Admin creds written on a stickie and displayed on a monitor too many times to count).

How would you get a grip on all of this?  We have a solution!

We use and recommend LastPass. The Enterprise version of this password management software allows for one Master Administrator to have control over every person’s password account. That’s super handy when an employee storms off and all you have to do is disable their account.

The way we set it up, is we configure the user accounts, send each person an email invitation to click a link and create their master password, then we install a “plug-in” for LastPass in the browser they use the most (i.e. Chrome, Internet Explorer, or Firefox). As we install the plug-in in the browser, we import all of the saved password that are in the browser. We then do training (in person, or via email/webinar) on how to use it. After your team is used to LastPass and feeling comfortable, we remove the ability for the browser to save the passwords and we clear out all of those saved passwords. Everything is in LastPass now.

Want access to your passwords all the time? No problem - use the App on your smart phone.  We configure 2-factor authentication for ours, so we are not worried about someone breaking in.

Want to save all of your passwords in one place, both personal & business?  Just add the free Personal account for Last Pass to the paid Enterprise Account for each person. If they leave your employ, you can disconnect the Personal account and they can have their personal passwords back.

Don’t risk your passwords getting in the wrong hands. Call us if you need help.