Your Bank > Education and Advice > CNB University

Passwords, Safe and Easy!

By John B. Folkerts, CISSP, Information Security Manager, Canandaigua National Bank & Trust

Most people know that a difficult-to-guess password is the safest kind of password. But difficult passwords are also the hardest to use. Can passwords really be both SAFE and EASY? They can be – if you use a password manager.

Everyone has a story about password frustration. Let’s review the problems that passwords present:

  1. People forget their passwords. Obviously passwords only work if you remember what the password is. If you forget, you are locked out and need to use a back door (phone call, link to email, secret question and answer, etc…) to get back in. Because this is so inconvenient, people resort to using the same password everywhere. Which leads us to the next problem…
  2. Same password, but different web site. If you use the same password for your online banking that you use for purchasing pet food, you have a problem. Your online store for petfood may not has as strong security as your bank. If the petfood website gets hacked, your password is exposed to the criminal element on the Internet. And criminals like to share…
  3. Passwords are easy to copy and share. Did you know that there are over 11 billion stolen usernames and passwords currently posted online and available to anyone on the Internet? (There are only 8 billion humans on earth). This is not a list you want to be on. If you do become aware of a stolen password, change it! Which leads to our next challenge…
  4. Good passwords are difficult to create. Annoying web sites ask for “at least 2 numbers, special characters, uppercase, lowercase, at least 12 characters in length…” It is a major challenge to come up with a password that follows these rules. Yet, easy passwords are easy to guess or decrypt, so we reluctantly follow the rules.

Those are some discouraging problems above. No wonder people have been complaining about passwords since the very beginning! How can a password manager solve our password problems?

  1. Password managers are designed to remember all of your passwords. They are stored in an encrypted file, so that they only way to see them is by entering your master password or a fingerprint reader to unlock the password database. Then copy and paste the password when you need it.
  2. Password managers keep passwords associated with all the websites on which you have an account. It is useful to know where you’ve been, and you can now have a unique password for each website. If a password for one website is stolen, you only need to change a single password.
  3. Protections, such as encryption and time outs, help ensure that your passwords are not copied out of the password manager by unauthorized users or software. As a bonus feature, some password managers allow you to share credentials with others who you want to have access to them (e.g. a spouse).
  4. The best for last! Using a password manager means you never need to think up a complex password again. Most password managers have random password generators which create difficult, long, complex passwords, unique to each website. And you never need to remember them! (Just use the password manager).

So what are you waiting for? Check out the password manager software reviews online to see which one best meets your needs. Pick a reputable vendor - there are a number of offerings that will do the job. Additionally, most of the password manager software providers offer some sort of limited time trial period, so you can try before you buy. Get started with a new approach to passwords today, and you will see that passwords can be both SAFE and EASY!