Debunking password myths: Why employees shouldn’t store passwords in browsers (Part 3 of 3)

Blog Img Security Generic iStock 1137485042

Passwords are the keys to your online life. They protect your email, social media, banking, and other accounts. But what if someone else got a hold of your passwords? The consequences could be devastating. They could read your private messages, take over your accounts, or even steal your identity to commit fraud and other crimes. 

That’s why it’s so important to protect your passwords. In the first two parts of our debunking password myths series, we discussed why businesses should stop regularly resetting passwords and using complex passwords. In this final installment, we’ll dive into why employees shouldn’t rely on browsers for password storage.

Read also: 3 Types of security controls: Technical controls (Part 3 of 3)

Why shouldn’t employees save passwords in web browsers?

The average internet user has more than 240 online accounts that need a password. That’s way too many passwords for anyone to memorize, which is probably why one in four internet users save their passwords in web browsers. While browser password managers offer convenience, they have three key limitations:

1. Security

Browser password managers typically store passwords in an encrypted format on the user’s device, but they do not offer the same level of encryption and all the security features of a dedicated password manager. So, if your browser gets infected with malware or someone gains access to your device or operating system, they could also access the passwords stored in your browser. 

Browser password managers also do not have centralized oversight and administration, making it challenging for IT departments to manage who has access to which passwords. If an employee suddenly leaves or goes rogue, identifying and revoking their access can be problematic. That employee may exit the organization with passwords for company accounts stored in their personal browser, potentially exposing the company to data breaches.

2. Sync

With the rise of hybrid work, many employees are now accessing work accounts on multiple devices and browsers. Therefore, it’s inconvenient and unproductive to rely on a single browser’s password manager. You need a solution that can seamlessly sync passwords across different platforms and browsers.

3. Sharing

It can be difficult or impossible to securely share passwords stored in a browser. And without a tool for securely sharing passwords, employees may resort to unsafe practices, such as sharing passwords over email or chat. Such practices expose your business to unnecessary risks and potential security breaches.

How can employees store passwords securely?

The most secure way to store your passwords is to use a dedicated password manager. Dedicated password managers are designed to store and create strong and unique passwords for all your accounts. They offer many advantages over browser password managers, including:

  • Robust encryption: Dedicated password managers use robust encryption to safeguard your data. This means that your passwords will stay protected even if your device is lost or stolen.
  • Cross-platform compatibility: Unlike browser password managers that limit synchronization within their ecosystems, dedicated password managers work across different devices, major browsers, and operating systems. This makes it easy to access your passwords from anywhere. 
  • Secure password sharing: Dedicated password managers allow you to securely share passwords with other users when needed.
  • Automatic password filling: Dedicated password managers can automatically fill in your passwords when you visit websites. This makes it easy to log in to your accounts without having to remember or type in your passwords.
  • Multifactor authentication (MFA): Dedicated password managers support MFA, which adds an extra layer of security to your accounts by requiring you to provide more than one proof of your identity when you log in.
  • Offline password access: Many paid password managers offer the ability to access your stored passwords and other data without an internet connection. This means that you can still log in to your accounts even when you’re offline, giving you peace of mind knowing that you won’t be locked out.

Ready to implement a dedicated password manager for your business? The IT experts at SpectrumWise can help you choose and deploy the right solution. Schedule a consultation with us today.


Contact Us

"*" indicates required fields

This field is for validation purposes and should be left unchanged.