Managing passwords can be a real hassle, and it's no secret. On average, a business uses between 80 and 90 applications and systems on a regular basis, and each one generally requires its own unique set of credentials to manage. It's easy to see how users can struggle to remember all their login details and end up resorting to writing them down on sticky notes, notebooks in the top drawer, or worse still, using the same password for everything.
Sometimes, the best solution is to use technology to manage the technology! Here are three tried and tested approaches to simplifying the nightmare of password sprawl:
At the simplest level, there are password managers such as Bitwarden, 1Password, and Dashlane that are independent of browser technology and available across most devices. These tools offer great basic functionality, and can scale (using organisational licenses) to manage staff on-boarding and off-boarding (not a wise idea to allow ex-staff members to retain access to accounts)!
At Microsolve, we use and recommend Bitwarden - it works exceptionally well in a business environment, supports multiple security levels, on/off-boarding routines, audit logs, integration with other tools and advanced features such as phishing-resistant multi-factor authentication.
SSO stands for Single Sign-On, a series of technologies that allow a user to log in once and access multiple applications without needing to re-enter credentials into each application.
It sounds great, and IT IS - mostly! There are certain limitations (and risks) that need to be taken into consideration and appropriately planned for - deploying a comprehensive Single Sign On environment is NOT a trivial exercise!
Additionally, not all applications support SSO, and even the ones that do may not provide complete support for all the necessary functions, such as automated account creation, removal and group memberships.
Directory Membership is a variation of the previous option (SSO).
If you have a Windows device and an appropriate Microsoft 365 license, you can benefit from the EntraID user management service.
EntraID allows you to log in to your Windows device (laptop, desktop, mobile) and access Microsoft 365 applications + data in a single step. If you spend most of your time working within the Microsoft 365 environment, this is the recommended way to go!
While there is no one-size-fits-all solution, any of the above approaches will certainly help lighten the burden of employees juggling the 80 to 90 separate sets of credentials - which is a step in the right direction towards better password management efficiency!
Want to discuss your security needs? Reach out to one of our security consultants.