Skip to main content Skip to search

Security

Password symbol

Top 5 tips for using a password manager

Passwords, we all have more that we care to admit. With every online service, telephone service and device requiring one of those pesky words, our lives are littered with them. It is best practice to have a unique password for each account, but how do you remember so many? Check out our Top 5 tips for using a password manager!

What is a password manager?

Before we start our Top 5 tips for using a password manager, let’s summarise password managers.

Password managers are secure vaults for all of your passwords. In the simplest form, it is no more than that. You typically have one strong password, the “master password”, that unlocks the vault. Once the vault is unlocked it gives you access to all of your credentials. Good password managers will allow you to:

  • Generate secure passwords.
  • Notify you if/when a password has been compromised.
  • Prompt you to change duplicate passwords (which of course, you have none!).

For all their great features, a password manager does of course come with risks. Their usage should be proportionate to the risk of the credentials being leaked. We know that every account should have its own strong password (until a passwordless society becomes the norm), but how many of those are highly confidential accounts? Which do you care about the most? Your bank account password being known only to you, or your Netflix account.

We will explore some of the risks associated with password managers in a later post. For now, let’s focus on the Top 5 tips for using password managers.

Top 5 tips for using a password manager

Here is Accelita’s Top 5 tips for using a password manager. Remember, password managers are not the only defence against credential compromise!

1. Use the password generator to generate strong passwords

Most good password managers come with the ability to generate strong passwords. The definition of a strong password is often a topic of debate, however many people converge upon a similar theme. The National Cyber Security Centre (NCSC) guidelines are to use three random words.

Create passwords using three random words. You just put them together, like ‘coffeetrainfish’ or ‘walltinshirt’.

2. Create accounts linked to domains

Passwords should be unique, and each service is likely to have its own website address. Password managers allow you to create accounts/logins; combining the username, password and website address (URL/domain name). Entering the website address with your password entry will help reduce the chance of you being tricked into entering credentials into a cloned site. Attackers are clever, they will lure you on to a site they control, often looking identical to the authenticate site and with a very similar domain name (think netfl1x.co.uk as opposed to netflix.co.uk).

If you have entered a website address against a login, but navigate to a fake site, the login you would normally use won’t be displayed in the list of suitable options. This is just one simple, subtle, hint for you to check you are where you think you are.

3. Ace the master password

Great, you have your password manager containing all your passwords. But, then you set the master password as “password1”. Doh! Now attackers have access to all of your accounts, not such a wise move. Following the guidance in Tip #1, set a strong master password, and don’t share it!

4. Maintain good account hygiene

You will find over time that the number of accounts you have in your password manager is growing beyond belief. Starting with 1 or 2 and often reaching hundreds in a matter of months, it is quite scary just how many services we are signed up for. Think of all of those people you have shared your details with.

Just as you would spring clean your house, take time to maintain your online footprint. Look through the list of accounts in your password manager and ask yourself, “do I still use this?” and “what value does this account bring me?”. If you don’t need it, close the account. You have a right to be forgotten and companies shouldn’t be storing data any longer than needed, so close the account and remove the risk. Why loose personal details through an attack on a service you no longer use?

5. Use two/multi factor authentication

Passwords are only part of the authentication solution. Passwords can be broken, stolen, or simply guessed. Using a secondary form of authentication such as a unique code generated on your phone, a one time password sent via SMS, or a hardware dongle (take a look at Yubico) adds in a second line of defence. Again, the NCSC has some great guidance on this.

Want to read more?

The NCSC have lots of great guidance on staying safe online. In fact, they even have their own post about password managers. Whilst you are here, why not continue your journey and see what the NCSC have to say?

Read more
office applications

The power of G Suite for business solutions

G Suite is the cloud based office productivity suite offered by Google. It is a great way for businesses to deliver efficient and cost effective solutions to all of their employees. Using well known tools such as G Mail and Google Docs, businesses can achieve the most common office tasks right from within their browser.

How is G Suite different to Office 365?

Office 365 is an office productivity suite offered by Microsoft. Office has a long standing reputation as the go to productivity suite for both home and business users, but such a reputation comes at a great cost.

Some of the key differences between the two products include:

  • Office 365 provides users with native desktop applications, whereas G Suite is all based in the browser (although there is still support for offline working).
  • Office 365 limits each user to 1TB of storage whereas G Suite gives users unlimited cloud storage (for 5 or more users, otherwise 1TB each) and Google Docs/Sheets/Slides don’t count to storage anyway.
  • Mobile Device Management with Office 365 is limited in capabilities without an additional Intune licence, G Suite provides full functionality for everyone.
  • Office 365 provides shared mailboxes, great for enquiries/sales/admin addresses, G Suite is lacking a bit in this area but do provide a collaborative inbox feature which gets you about 50% of the way there.

How does the cost compare to Office 365?

At the time of writing, the Office 365 Business Premium plan at £9.40 per user/per month (plus VAT). Compare this to Google’s G Suite Business plan at £6.60 per user/per month (plus VAT).

When evaluating Office 365 for our business and for clients needs, we were unable to find any discounts. For G Suite we have a 20% discount code for your first year of basics or business, just get in touch.

How do I build custom business applications?

Both platforms provide a low code platform for developing business applications on top of the productivity suite. Microsoft have PowerApps, a basic licence for which is included in your Office 365 subscription. G Suite comes with App Maker which is again included in your subscription but has full access to the G Suite API.

As we work with customers on business solutions, we continue to investigate and invest time into G Suites App Maker as we have found the documentation more accessible, the extensibility greater and the integration options more complete.

How popular is G Suite?

This is a very interesting question, one that we were initially quite shocked by. From small businesses to well known brands such as Morrisons, it appears G Suite has a strong and loyal user base. The G Suite pricing page itself provides a large number of success stories and claims that millions of business use G Suite.

Chosen by millions of businesses, from small companies to the Fortune 500.

What are the limitations of G Suite?

There are a few considerations to make before jumping into or over to G Suite over Microsoft’s offering.

  1. G Suite is a web browser based productivity suite so desktop extensibility is limited. Whilst you are able to extend functionality in many ways, you cannot run G Suite offline PC’s as there are no desktop applications.
  2. Microsoft Office is more feature rich, for many years office applications were – and in some cases, still are – one of their main products. Whilst Google does a great job at providing the standard functionality, there is often the odd gotcha along the way.
  3. Video conferencing in Office was recently reinvigorated with Microsoft Teams. Google have a long standing history of replacing their video conferencing products Google Hangouts, Duo, Meet. For team collaboration their offering is good, but they don’t yet have an equivalent to Teams.
  4. Shared Mailboxes aren’t really a thing in G Suite. This is one of the biggest drawbacks for businesses used to having a shared inbox for their generic sales address, for example. There are features available which provide similar functionality, but these aren’t as slick as you would like (although we have put some feature requests in to Google to try and improve this).
  5. Interoperability between Microsoft file types of G Suite can be sometimes limited. The more complex the Microsoft Word document, the more likely it is you are going to have some formatting issues. That being said, G Suite can open and export to Microsoft Word and does a fairly reasonable job at it.

Looking for other reviews?

There is lots of information out there comparing the two productivity suites. A fairly comprehensive review can be found on Style Factory which we originally read when considering options for productivity suites.

Looking for a free trial and a discount?

If you are looking for a 14 day free trial, head over to Google G Suite. If you are seeking a discount on your first years subscription then get in touch, we can send you a code for 20% off your first year Basic or Business plan.

Read more
Cyber security

Introduction to Cyber Security

Cyber Security knowledge begins with an Introduction to Cyber Security. Cyber is a developing industry and a growing concern for many. As a result, there is a diverse resource set available across the Internet, recommendations available in printed material and recorded guidance embedded within video platforms. It is now more important than ever to ensure you embed well founded Cyber Security knowledge throughout your business.

At Accelita we take pride in our desire for continuous development. To this end, we took part in The Open University course, Introduction to Cyber Security. This course covers the basic principles we should know as consumers, members of the public and professionals. The course provides definitions and case studies for all those scary tech words we hear in the news. You are walked through common steps to mitigate cyber security risks and challenged to think outside the box.

"Well founded Cyber Security
knowledge is essential"

The Introduction to Cyber Security course provides a fantastic starting point, but Cyber Security is a forever changing landscape. A host of reputable, cost effective, solutions are available to help further knowledge in this area.

Cybrary

Focused on those who are technically minded and like to get stuck in. This is a great platform providing free courses for everyone. We have used Cybrary for a number of training activities. Knowledgable instructors, extremely mature content and fantastic scope make this platform great.

See more at Cybrary.

Pluralsight

Pluralsight is more than just a training platform for Cyber Security topics, it is an enterprise ready platform for a multitude of technical topics. Investing in Pluralsight provides organisations with an overview of employe engagement and learners with an array of well structured courses.

See more at Pluralsight.

Accelita

At Accelita we currently provide Cyber Security awareness training to personnel across the organisation. Rather than delivering technically focused content, we discuss the steps that everyone can take minimise risks to the business and yourselves.

See more at Accelita.

Read more