Houston (281) 807-2700
San Antonio (210) 225-5427

Password Management

Passwords are a problem. In one sense they are exactly the opposite of what they should be. Theyโ€™re hard for users to remember but easy for intruders to guess or steal. The user frustrations with the current system make it ripe for abuse, and thatโ€™s exactly whatโ€™s taking place every day.

The best solution for lawyers and law firms alike is to implement a password management utility. Weโ€™ll take a look at that solution after exploring the nature of the problem in greater depth.

The Problems with Passwords

Can you even count how many digital sites and services youโ€™re required to log in to with a username and password? Most people have upwards of one hundred. Itโ€™s challenging, if not impossible, to keep them all straight without some kind of assistance. People usually resort to one of several very insecure methods to solve this. One of the most common is reusing the same username and password on multiple sites.

Password Reuse Is Easy but Dangerous

Security professionals will tell you that reusing passwords is dangerous. This is because when (not if) your credentials are captured or stolen on one site, you become vulnerable on every other site that uses those same credentials. The problem here is that itโ€™s just so easy to reuse passwords, especially on accounts we donโ€™t consider to be sensitive in nature. Nearlyย halfย of security professionals themselves admit to reusing passwords, even though they know firsthand the dangers of doing so.

Strong, Unique Passwords Are Too Hard to Remember

If youโ€™re not supposed to reuse passwords, then what should you do? Ideally, you should create a strong, unique password for every site. Each one should be lengthy (the longer the better) and should contain a mix of lower and uppercase letters, numbers, and symbols. The longer and more complex the password, the harder it is for a computer to crack it. People wonโ€™t be able to guess Gbje23+3zp?$T0n very well at all.

The problem with a password like Gbje23+3zp?$T0n, though, is obvious. Youโ€™ll have a tough time remembering even one of those, let alone a hundred.

Experts will suggest other tactics, like turning a familiar phrase into a password. โ€œFour score and seven years ago our fathers brought forth a new nationโ€ could become โ€œ4s&7yaoFbfaNNโ€. This method uses the first letters of each word (along with numbers and symbols where appropriate) to create a passcode thatโ€™s nearly inscrutable but thatโ€™s easier to remember.

This method helps, but it doesnโ€™t scale well. Itโ€™s true youโ€™ll have an easier time reproducing that than the previous example, but youโ€™ll still have a tough time replicating that a hundred times over.

The Solution: Password Management

The best solution to the password conundrum is using a password management utility. Setting up a password management utility isnโ€™t difficult, and putting one in place greatly increases your digital security. Once youโ€™ve set up a password manager, you donโ€™t even need to remember all those passwords. You just have to remember one.

How Password Management Tools Work

Password managers are programs or apps that function as a digital safe, or a digitally encrypted locker. All your passwords are stored inside the safe. Password management tools will also help you create long, complex, unique passwords for all your accounts. Some can even do this automatically once you supply your existing credentials.

With a password manager, itโ€™s easy to maintain a different complex password for every account, because you no longer need to remember those passwords yourself. You just need to create and memorize one very strong password for the password manager itself.

Once youโ€™ve set up a password manager, it will autocomplete the login fields on most websites. For the few that donโ€™t auto-populate, you can access a database of your account credentials and copy and paste the proper credentials into the corresponding fields. All the major password managers also offer some degree of integration with both iOS and Android. Your passwords remain accessible, yet secure, on your mobile devices.

The Security of Password Management Tools

Password management tools stake their reputation on their security. They arenโ€™t perfectly secureโ€”nothing is. Theย Washington Post notesย some of their flaws. They are, however, a vast improvement over most peopleโ€™s current password practices. No one gets access to your vault without your master password, and hackers wonโ€™t get that password from the utility makers since they donโ€™t store your master password anywhere. Thereโ€™s no database to be hacked.

On that note, make sure your master password is itself long and complex. Consider using the โ€œfamiliar phraseโ€ tactic described earlier.

Conclusion

Lawyers have an obligation to keep their digital accounts secure. Doing so manually is difficult if not impossible. Implementing a strong password management solution is the answer. If you have more questions about implementing a quality password management system for your law firm, weโ€™re here to help. Contact us today to discuss the options available.