One of the biggest cyber risks to any organization is a criminal gaining unauthorized access to their systems, as though they were an employee, by using stolen or guessed credentials. And unfortunately, many people use the same password (or an easily guessable one) for all of their personal and professional log-ins. That means that if your password is compromised in one breach, it's available to anyone.
Coalition recommends using a password manager to make strong password use automatic and straightforward. When using a password manager, you first create one strong "master password" that's like the skeleton key to your all of your passwords. A passphrase, which is a string of unrelated words like "excited-related-begin-owned", is the most secure and memorable option.
Once you've set your master password, the password manager will create and store strong, unique passwords for all logins. And the best part? You only need to remember your master password -- once you enter this into the password manager, the password for each unique log-in will be automatically filled.
Some password managers also enable sharing across teams, which makes it safer and easier to share credentials across a defined group. Many password managers support organizational management, so good policies can be enforced centrally.
There are many good password managers available for a low cost per user per month -- LastPass, 1Password, and DashLane are all good options. We also recommend using two-factor authentication in conjunction with the password manager, which adds an extra layer of security to all log-ins.