Using a credentials manager is crucial for improving the security of online credentials. However, optimizing its settings is essential to fully protect sensitive information. This article provides expert tips on how to configure your credentials manager to enhance security and efficiency, focusing on new features in the latest Passpack release that help you manage and share passwords and credentials securely.
Cybersecurity experts agree that using a credentials manager application to create, store, and share passwords greatly improves the security of online personal and business credentials. But a credentials manager app rarely comes out of the box ready for use in its default state; settings and features require modification or activation.
Teams must be created, and rules established. And if you’re only using the app for password creation/storage/sharing purposes, well, frankly you’re missing out on much of what a credentials manager like Passpack can do.
Tips to Maximize Credentials Manager Value and Credentials Protection
You subscribe to a credentials manager service to protect access to your confidential data, but you might not be taking full advantage of its functionality. That’s okay, right, because it only costs you a few pennies each day and it covers the basics? (A Passpack Business Plan subscription, for example, is $4.50 per user per month, or about 15¢ per user per day.)
Well, that might be okay if your business has just a handful of users, but it is not acceptable for businesses with dozens or hundreds of employees – those pennies do add up. Here are some tips and tricks to maximize the value your business gets from its investment in a password manager application:
1. Security of Account Access. Think of the password manager app as a digital safe deposit box holding all your valuable information, and the encryption key as the key to the vault. Since all your credentials are in the same place, you’d better make that key strong and put it someplace safe. Passpack calls this encryption key a Packing Key. It is created and known only by the account owner/administrator. Passpack never has access to the key. Since all the passwords to users’ online services can be randomly generated by the built-in password generator (see #3), the Packing Key is the only character string the user ever needs to remember. Some guidelines for Packing Key creation:
   - Use a phrase or sentence rather than just a word or two.
   - The longer, the better; using spaces, numbers, symbols, capitalization, and punctuation is recommended to increase complexity.
   - Do not include personal data such as your name or birthdate in the sequence.
   - Passpack includes a Packing Key Strength Indicator, which shows the muscle of the Packing Key as it is entered. Try to achieve a rating where all indicator bars appear green. Some examples of strong Packing Keys:
      - I Like Formula1 Racing Cars
      - My first job at 12 was cutting potatoes.
      - Turtles live to be 100 years old!
2. Use a secure version of multi-factor authentication (MFA). Most password manager apps support MFA, which requires the user to submit a second piece of information to verify their identity before access is granted. This is often a one-time access code or the answer to a security question. The tip here is not to use SMS texts for this exchange, as those messages can be easily compromised. Rather, MFA should be implemented through a dedicated service provider adhering to zero-trust security standards. For those purposes, Passpack offers secure MFA through Google and Microsoft Authentication, in which those messages are encrypted, as well as through YubiKey.
3. Use a password generator to create new unique passwords. Using similar passwords for every account is a recipe for disaster. Most apps include a random password generator tool. Passpack’s version allows administrators to set minimum thresholds for length, strength, and special characters when users create new passwords, and includes a strength indicator. Passpack recommends creating the strongest possible passwords, as users will never have to remember them, only their master Packing Key.
4. Update current weak passwords. Passpack’s advanced reporting features display the strength of active passwords. Administrators can then flag accounts with passwords classified as “weak” so they can be replaced with more robust credentials.
5. Activate auto session log-out times. Employees sometimes step away from their workstation without logging out of active apps and windows. That’s a prime opportunity for an unscrupulous vendor or visitor to steal credentials. Enable the auto log-out function on your app. Passpack supports two modes, one for a full lock-out, and one for when the system senses a period of inactivity. Both can be set for user-defined intervals between 5 minutes and 1 week. (We recommend setting this mode for 5 to 10 minutes.)
6. Implement domain controls. One of the enhancements to the latest version of Passpack is the ability to configure and restrict the internet and email domains with which team members and the organization can connect. By identifying Allowed and Verified Domains, organizations gain an additional level of control over who can join their Passpack user environment. Administrators can, for instance, block employees at Coca-Cola from sharing passwords with someone at Pepsi. An example on the grandest scale to be sure, but you get the point.
7. Take advantage of Notes. A robust password manager app will do more than create and store passwords; it can serve as a centralized digital vault for all types of confidential information/credentials. Passpack offers Private and Shared Notes functions in which related data such as account numbers, PINs, answers to security questions, contract numbers, expiration dates, support contact information, and more can be securely stored alongside the credentials for each password-protected account.
8. Remove departing team members immediately. Whatever an employee’s reason and terms for leaving, amicable or hostile, immediately revoking their access privileges to all online resources is critical. With Passpack, administrators can completely remove a selected user from all teams at the click of a mouse without impacting the access of other team members. For an added level of security, Passpack recommends that all shared passwords be recycled to totally eliminate access by the departing employee.
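The password generator and weak-password tips above, as an added Python sketch; it is not Passpack's code or API. The `PasswordPolicy` fields, their defaults, and the function names are assumptions chosen to illustrate admin-set minimums enforced at generation time and reused to audit stored passwords.

```python
import secrets
import string
from dataclasses import dataclass

SYMBOLS = "!@#$%^&*()-_=+[]{};:,.?"
POOLS = {  # character classes an administrator can set minimums for
    "digits": string.digits,
    "symbols": SYMBOLS,
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
}

@dataclass(frozen=True)
class PasswordPolicy:
    # Hypothetical thresholds; names and defaults are assumptions, not Passpack settings.
    min_length: int = 20
    digits: int = 2
    symbols: int = 2
    upper: int = 2
    lower: int = 2

def violations(password, policy):
    """Return the minimums a password misses; an empty list means compliant."""
    failed = ["length"] if len(password) < policy.min_length else []
    for name, pool in POOLS.items():
        if sum(ch in pool for ch in password) < getattr(policy, name):
            failed.append(name)
    return failed

def generate(policy, length=None):
    """Build a compliant password using the OS CSPRNG (secrets), not random."""
    length = max(length or 0, policy.min_length)
    # Draw the required characters of each class first ...
    chars = [secrets.choice(pool) for name, pool in POOLS.items()
             for _ in range(getattr(policy, name))]
    if len(chars) > length:
        raise ValueError("class minimums exceed the requested length")
    # ... fill the rest from the full alphabet, then shuffle so the
    # required characters do not sit in predictable positions.
    alphabet = "".join(POOLS.values())
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)

def audit(stored, policy):
    """Map entry name -> missed minimums for each stored password that falls short."""
    report = {}
    for name, password in stored.items():
        failed = violations(password, policy)
        if failed:
            report[name] = failed
    return report
```

`audit` takes a mapping of entry name to password and returns only the entries to flag for replacement, together with the minimums each one misses.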
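The domain-controls tip above depends on how an address is compared with the allowed list; the following added Python sketch (not Passpack's implementation) shows a check that normalizes the domain and matches only on label boundaries. The function names, the exact-match default, and the `.example`/`.test` sample domains are assumptions; the page does not describe how Passpack matches domains.

```python
def normalize_domain(value):
    """Lower-case, drop one trailing root dot, convert IDN labels to ASCII."""
    domain = value.strip().lower()
    if domain.endswith("."):
        domain = domain[:-1]
    if not domain:
        return None
    try:
        return domain.encode("idna").decode("ascii")
    except UnicodeError:
        return None  # empty or over-long label, or text IDNA rejects

def email_domain(address):
    """Return the normalized domain of an address, or None if it is malformed."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or "@" in local:
        return None  # simplification: quoted local parts containing "@" are refused
    return normalize_domain(domain)

def is_allowed(address, allowed_domains, include_subdomains=False):
    """True only if the address's domain is on the allowed list."""
    domain = email_domain(address)
    if domain is None:
        return False  # fail closed on anything unparseable
    allowed = {normalize_domain(d) for d in allowed_domains} - {None}
    if domain in allowed:
        return True
    # Match on a label boundary: a bare endswith(d) would also accept
    # "notcorp.example" for "corp.example".
    return include_subdomains and any(domain.endswith("." + d) for d in allowed)

# Constructed sample data using reserved .example/.test names.
ALLOWED = ["corp.example"]
INVITES = [
    "alice@corp.example",
    "Alice@CORP.Example.",
    "bob@notcorp.example",
    "bob@corp.example.partner.test",
    "bob@mail.corp.example",
]

def review(invites, allowed, include_subdomains=False):
    """Return {address: decision} for a batch of invitations."""
    return {a: is_allowed(a, allowed, include_subdomains) for a in invites}
```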
Don’t be penny wise and pound foolish. Get Passpack.
The decision to implement a credentials manager app is not a set-it-and-forget-it proposition. You’ve got to fine-tune it to the rules and policies you wish to enforce. At Passpack, we’ve got your back.
Our customer support team is here to help you configure the app to your needs and take advantage of high-level password management functions, so you get maximum value from your subscription.
Now you can try Passpack risk free. Sign up for a 28-day trial of the Passpack Business Plan and see how easy it is to keep your credentials secure at no cost!
Are you an existing Passpack Teams Plan subscriber? We’ll make you the same offer. Try the new Passpack Business Plan free for 28 days, and if you’re not completely satisfied with the added functionality, we’ll drop you back down to the Teams Plan, no questions asked.