Businesses and individuals alike have a problem with passwords. The username and password system is outdated and tends to be very insecure. Yet so far there’s no better solution that works as universally, and so we’re stuck with the status quo for the time being.
We may not be able to fix the outdated password system anytime soon. But with minimal effort and expense, savvy businesses can solve a number of the business problems associated with password risk.
Many common digital security issues can be resolved by implementing 1Password, a business-grade password manager and security tool, throughout your business. In this post, we’re going to explore five specific common business problems, showing how 1Password can be leveraged as the solution to each of them.
Problem #1: Employees Keep Reusing Passwords
As we discussed in the previous post, the whole system of usernames and passwords is pretty awful. No one can remember 100+ distinct logins, each with a creative, complex password. So people do what’s natural: they pick one password (that’s usually not very hard to remember or guess), and they reuse it across dozens of domains.
The problems here are many. If bad actors gain access to a username and password on an “unimportant” site through a breach, they may have gained access to the login information needed for that person’s bank — or your company’s most secure systems. The same goes for those who fall prey to a phishing scheme. Those credentials are now theoretically compromised for every account where they were used.
And this isn’t just theoretical; it happens all the time. In fact, reused passwords are the #1 cause of compromised accounts. And with 65% of people admitting to reusing the same passwords on some or all accounts, the scope of this problem is pretty massive.
Solution #1: Use 1Password’s Password Generator
The solution here is pretty simple. When you use 1Password or a similar utility, you no longer have to remember every password. You just have to memorize one Master Password, and the utility does the rest.
Now that users don’t need to remember all their passwords, it’s just a matter of making each of those passwords unique and complex. 1Password has the perfect solution. Password Generator is a function within 1Password that your team can use to create unique, very complex passwords that are unguessable and nearly uncrackable. With just a few seconds of setup per account, users can increase their safety and the safety of your business’s online resources.
Problem #2: You Already Have Tons of Accounts Sharing the Same Password
Some of your more tech-aware employees — and perhaps this applies to you and your leadership team as well — may understand problem #1. But they already have so many accounts sharing one or a small group of passwords that it seems impossible to get them all sorted out. No one has that kind of time, right? And the idea of fixing it across your entire business is overwhelming, to say the least.
To make matters worse, some of those accounts are shared accounts such as dummy logins or high-dollar subscription tools where many users share one account. If you change one of those passwords to something highly complex like xerE842!bs)4bQ$#h-3m43, how will you get everyone on board with that password? It seems the only way to do so is to write the password down, creating new security threats,
Solution #2: Use the Watchtower Function in 1Password
This is a legitimate problem, one that keeps many small businesses from taking the action needed to stay safe. Fortunately, there is a solution. However, it’s a systemwide solution with several steps. It will take some time, and you may need the help of an IT professional.
Step 1: Set Up 1Password for Your Whole Team
The first step is to set up your entire team with 1Password. Depending on the size and complexity of your organization, you might want a Teams, Business, or even Enterprise license. (Part 3 of this series will help you know which you need.)
You’ll need to create 1Password accounts for your whole team and install the program on every company-issued device. You’ll also need to teach your staff the basics of how to use 1Password.
Step 2: Build Up Your Organization’s Security Culture
Here’s where you start to change the culture and perceptions around credentials. Anytime a new login is needed, put it into 1Password. Then, when people ask for logins or credentials, tell them they’re in 1Password now.
When you need access to an account from someone else, don’t ask them for the password. Instead, ask that person to add the credentials to 1Password. Through the use of vaults, they can share that credential with you in a secure manner.
Also, continue encouraging (or requiring) 1Password use throughout your organization.
Step 3: Gradually Update Reused and Weak Passwords
The Watchtower portal gives you at-a-glance feedback about reused and weak passwords in place throughout your organization. This functionality is limited to those users who have started using 1Password, of course, so you’ll need to continue “encouraging” people to get on board.
One way to do that encouraging is to update shared passwords to more complex, auto-generated passwords using the Password Generator. When a user needs to access that shared account, they will be forced to use 1Password to do so.
Converting every password in every system to something like xerE842!bs)4bQ$#h-3m43 is a great security move, but it’s not the greatest people move. We recommend a more gradual approach, updating those shared resources maybe about one per week.
As you get more and more people into 1Password, your Watchtower will become more and more useful. Keep watching for reused and weak password alerts, and make changes where necessary.
Step 4: Keep Moving Forward
When you execute Step 3, you’ll see more and more stragglers adopt 1Password. Most of them will love it once they give it a shot. All that’s left now is to continue pushing 1Password as a part of your company culture. Keep reminding individuals to use the password generator when they encounter a bad password. The goal is to get to a place where there are no bad passwords in the first place.
We realize this was a complex solution, and so does 1Password. The 1Password team has created several great resources that can help you make this transition, including one on how prior bad habits can come back to haunt you. That one’s good for your team members, but here’s one for your leadership and IT team with
additional tips for rolling out and onboarding
Problem #3: It’s Too Hard to Keep Track of All Your Passwords
Related to Problem #1, we all have far too many passwords to remember or keep track of. It’s a bad system that leads many to give up on good password practices. People revert to using the same password everywhere or writing them all down in a notepad or in a spreadsheet. We already talked about why reusing passwords is so dangerous. Writing them all down is bad, too: paper notepads can be stolen, photographed, or copied, and digital logs can be compromised, too.
Solution #3: 1Password
There’s really no other solution here besides using a password manager like 1Password. It does the remembering so you don’t have to, and it’s always available on every device you own. 1Password also automatically detects when you create a new login or update a password and asks you if you want to update the credential in 1Password.
Most of the time, it just works. But if it doesn’t, you can still manually add in credentials via the desktop app.
Problem #4: You Need to Share a Password
Sometimes there is a legitimate need to share a password. Perhaps you have an outside accountant who needs brief access to a sensitive financial document, or you bring in a contractor or consultant. Writing down (or, far worse, emailing) that password puts the account at risk, but creating a new account isn’t practical. What do you do?
Solution #4: Guest Accounts
Through the magic of 1Password’s vaults feature, you can create time-limited guest accounts and share only the needed credentials with your vendor.
Problem #5: A Team Member Is Leaving
Eventually, a team member with access to many accounts will leave the company. Shutting off their access to the network isn’t hard to do, but what about all the other things that person had access to, like 3rd-party tools and so forth? Failing to clean up this access can be a big security threat, yet there may not be any one person who knows what all the former employee had access to.
Solution #5: Removing the Person from 1Password Clears Their Credentials
If you have an internal IT department or a managed IT provider, the first action after a team member leaves is to remove access to company systems. Generally, this means changing that employee’s access permissions within the directory management system (i.e. Active Directory, JumpCloud, etc…). After removing an employee’s access permissions, they will no longer be able to login to company devices and access anything in the company network. Any systems that are accessed using the SSO (single sign-on) feature will also become inaccessible.
Directory management, then, manages access to many company assets in one place. Many assets, but not all. Not all systems support the protocols used for SSO implementation, and not all organizations have it setup. That’s where 1Password can help, as it works for any login credentials. The implementation and usage are very different than SSO, but the result is similar.
As soon as you remove someone from your business’s 1Password account, they won’t be able to access any of the credentials stored there. It’s much less likely that a user will have memorized these credentials, either, because they never had to type them in. (Also, because they all look like gibberish if you followed the previous steps.)
If you’re concerned that the employee may be leaving in bad faith, 1Password can generate a list of all credentials the employee had access to. This is far better than relying on a coworker to try to remember which credentials the former employee had. You can manually change all of these for additional security, if needed.
For an even more seamless environment, the 1Password’s Business tier allows you to tie into your directory management, by using SSO to access 1Password.
Wrapping Up
If you’ve been in your role for any length of time, many of the problems above might sound painfully familiar. 1Password could be the solution you’re looking for to shore up security and keep your business as secure as possible. For more on implementing 1Password in your business, Southeastern Technical is here to help. Reach out today for a consultation or for help implementing a Teams or Business account.
