Three simple truths:
1) Everything has a password requirement.
2) Most people hate passwords.
3) Even the best Cybersecurity is subject to a user’s weak password.

According to The New Password Expose by LastPass, the average employee of a business manages around 200 passwords. With human nature being what it is, the temptation to simplify things by using the same password for everything is strong. What isn’t strong is the average user’s passwords.

Never underestimate the power of a strong password. It is, quite literally, the first line of defense for your network. Even after your in-house IT support department or outsourced Managed IT Services provider has put the best Cybersecurity defenses in the world in place, those defenses WILL NOT keep a cyber-criminal from accessing your data once that criminal cracks a user’s password.

What is a good password like?

We discussed this in a previous blog about Multi-Factor Authentication. Please also review the ‘Creating Strong Passwords’ page in the IT Tips and Tricks section of this website.

NordPass notes that the most commonly used password in 2021 is ‘123456’. They calculate this bad password takes less than a second for a hacker to crack, yet it is used by 183,178,552 people worldwide – almost four times more than the 2nd runner up in the Bad Password Pageant: 123456789 (which also takes less than one second to crack). Good IT support will try to discourage the use of bad passwords.

BUT: Here at IT Support LA, just like with any Managed Services Provider or IT Consulting Services, we can only advise our clients how to create good passwords. Our HelpDesk gets called upon when passwords don’t work or are forgotten. I remember one of our IT support guys telling me, “How can they forget 12345?”

How do I know my password strength?

Try this:
Comparitech in the UK has a password strength tester. You enter a password and it will tell you how long it would take a computer to go through all the letter, number, and symbol combinations to crack it.

I entered the example on our ‘Creating Strong Passwords’ page: ImMLw0&23o&i5Mc.
The result: “It would take a computer 63 billion years to crack your password.”

I then entered: 987654321.
The result: “It would take a computer Instantly to crack your password.”

Don’t cheat – take one of your current passwords and try it out.
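As an added illustration (not Comparitech's code and not part of the original post), the sketch below shows the kind of arithmetic behind such a tester: it checks for common or sequential passwords first, then estimates the average brute-force time from password length and character classes. The guess rate, the short common-password list, the bucket size for unusual characters and all function names are assumptions, so the figures will not match Comparitech's.

```python
import math
import string

# Constructed sample list: the first two entries are the NordPass examples cited
# in the article; the others are illustrative additions.
COMMON_PASSWORDS = {"123456", "123456789", "12345", "password", "qwerty"}
GUESSES_PER_SECOND = 1e10      # assumed attacker speed, not Comparitech's figure
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def charset_size(pw):
    """Size of the alphabet a brute-force search must cover for this password."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    size = sum(len(cls) for cls in classes if any(c in cls for c in pw))
    if any(not any(c in cls for cls in classes) for c in pw):
        size += 33             # assumed bucket for spaces and non-ASCII characters
    return size


def is_sequence(pw):
    """True for straight runs such as 12345 or 987654321."""
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return len(pw) >= 3 and steps in ({1}, {-1})


def crack_estimate(pw):
    """Return (method, seconds): the cheapest attack and its average duration."""
    if not pw or pw in COMMON_PASSWORDS:
        return ("common", 0.0)          # first entries in any guessing list
    if is_sequence(pw):
        return ("sequence", 0.0)        # produced by trivial guessing rules
    bits = len(pw) * math.log2(charset_size(pw))
    # On average half the keyspace is searched; cap the exponent to avoid overflow.
    seconds = 2.0 ** min(bits - 1, 1000) / GUESSES_PER_SECOND
    return ("brute-force", seconds)


def describe(pw):
    """Human-readable verdict in the style of an online strength tester."""
    method, seconds = crack_estimate(pw)
    if seconds < 1:
        return f"{method}: instantly"
    return f"{method}: about {seconds / SECONDS_PER_YEAR:.1e} years"


if __name__ == "__main__":
    for sample in ("123456", "987654321", "ImMLw0&23o&i5Mc", "m$dWb1wHc0&3o9"):
        print(f"{sample!r:20} {describe(sample)}")
```

The brute-force figure is an upper bound on an attacker's effort: it says nothing about a password that has been reused, written down, or exposed in a breach.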

If the people using disastrously weak passwords also use the same password for everything, from business to personal to even banking, they might as well put everything they own and all the money they have out on the curb to be picked up. They are already throwing their money and their confidential business data away. IT support may be able to stem the tide, but once somebody has your password, IT support can’t stop it from happening.

Okay, so you followed our advice and read our tips on Strong Password creation and have invented what you feel is the most unbreakable password in the history of mankind. You should be able to use THAT for everything, because even a computer can’t crack it… right?

NO!!!!

Computer programs aren’t the only way to break a password – and with the advancements in Quantum Computing, those password test numbers can certainly change. Also, the strongest password in the world can be ‘cracked’ if you leave it on a Post-it note stuck to the bottom of your monitor.

You MUST use a different password – and a strong one – for everything, because once the crooks have the ONE password you use, they have the Keys to your Kingdom.

At IT Support LA we educate our clients on the importance of maintaining strict password policies and procedures, and one would hope that every Managed IT Services company worldwide would do the same. From discussing this issue with colleagues in the IT Support Los Angeles Community, we have noted varying degrees of faithfulness to this concept. For dime-a-dozen hourly rate IT services ‘Guys’ this is barely spoken of because the more problems you have, the more hours they can bill you for.

What is the purpose of a Password Manager?

Simply put, a Password Manager is a secure place to store all of your passwords, so the only password you need to remember is the one to the manager itself. Consumer versions are also available on smart phones; the business version opens a dialog box when a site or app asks you to log in. You click the icon in the dialog box and it fills in your username and password. You only need to open the password manager itself when you want to delete an entry or change a password.

It’s similar to what Google Chrome does when you enter login info to a new website: it asks if you want it saved. Then, when you open a page and click ‘login’, it fills in the info.

The PM can also generate strong passwords, store them, and apply them when logins are needed.

Why do we need password management?

Let’s say you have conquered these three areas:

1) My passwords are very strong.
2) I use a different strong password for everything.
3) I have a pretty good memory.

A good memory may not be enough if, as stated above, you are juggling upwards of 200 passwords. With combinations of upper/lower case letters, numbers and symbols, and adding to the fact that your personal passwords are also bouncing around in your brain, 50 passwords would be mind-boggling, let alone 200.

Even coding a familiar phrase, like ‘my second daughter was born in Woodland Hills California on August 3, 2009’ to come out ‘m$dWb1wHc0&3o9’ (which, when tested on Comparitech gave the result: “It would take a computer 165 trillion years to crack your password”) – may produce a foolproof password, but you still have to remember the phrase and what site it goes with.

Frequently Asked Questions

Q: Can a password manager be hacked?

A:  Can a password manager be hacked?

Q: What are the disadvantages of a password manager?

A: There is a fatal flaw, and like most Cybersecurity issues, the weak point is the end user. If you are careless with your Master Password and someone gets their hands on it, they get all your passwords. Avoid the ‘Post-it note on the monitor’ approach.

Q: Do you have to pay for a Password Manager?

A: Yes, but it’s typically just a few dollars a month – well worth it.

Q: Are password managers good?

A: They are – if you stick with the short list of the best.

Investopedia’s Best Seven for 2022:

  • Best Overall: LastPass.
  • Best for Extra Security Features: Dashlane.
  • Best Multi-Device Platform: LogMeOnce.
  • Best Free Option: Bitwarden.
  • Best for New Users: RememBear.
  • Best for Families: 1Password.
  • Best Enterprise-Level Manager: Keeper.