Recently, with the passing of the Thanksgiving holiday, many of us have paid closer attention to those things for which we are thankful. I, too, have just taken an assessment and realize I have a plethora of things for which I’m grateful, at home as well as at work.
I know this might sound trite, but in my work life, I am thankful for my password vault. I’m sure many of you know and use this simple software tool, but for those of you who do not, a password vault is a software application that stores a list of all of your many passwords. What sets this type of tool apart from the plain text Word file where I used to store all my passwords, is that this application provides encryption. Now, I need only remember one password in order to access all of the rest!
This new device has set me free! As well, it has enabled me to follow all of our corporate guidelines for password creation and updating. No longer do I simply change the number behind my bird’s name! And, I can easily change all my passwords every thirty days, whether a particular network requires it or not.
I know this has been a problem for more than just me. Often, as a part of security assessments, our staff will conduct a physical review of our client’s workplace. During this “walk through”, we often find post-it notes with passwords underneath mouse pads and on computer monitors themselves! I always said, I was more secure than that, since all my passwords were in a document on my hard drive. What I learned was that since my document was named “Passwords” and was in plain text, I was no safer than the person with the post-it note!
But, the number of passwords I needed to remember and the frequency with which they needed to be changed was ever increasing. I wasn’t sure what to do until someone suggested a password vault. There are many of them available now, both open source and as off the shelf products. All that I have seen are easy to install remain as an icon in your taskbar or on your desktop and are easy to use.
My message here is short and sweet. Get and use a password vault. You and your security team will both be glad you did!