Valentine's Day 2020: Why Your Business Needs a Better Relationship with Passwords
Valentine's Day is about relationships. Love, commitment, trust. So let's talk about your business's relationship with passwords, because right now, it's probably toxic.
You're using weak passwords. You're reusing the same passwords across multiple systems. You're sharing passwords over email and text messages. You're writing them on Post-it notes. And you wonder why account takeovers keep happening.
It's time for relationship counseling. Let's fix your password problems.
The Current State of Your Password Relationship
Most small businesses have terrible password hygiene. Here's what we see routinely:
Password123
Passwords that are short, simple, and easily guessed. "Password," "Welcome1," the business name, the owner's name, "admin," "12345678." These get cracked in seconds by automated tools.
One Password to Rule Them All
The same password used for email, practice management software, banking, social media, and cloud storage. When one system gets breached (and eventually one will), attackers try that password everywhere.
Sharing is Caring (But Insecure)
"What's the Wi-Fi password?" gets answered in group emails. Admin passwords get shared via text message. Login credentials get written in shared notebooks.
Every time you share a password insecurely, you're creating a vulnerability.
Never Changing
Passwords from 2015 still in use. The person who created the password left the company two years ago, but the password never changed.
Memory Struggles
Because nobody can remember dozens of complex unique passwords, people write them down in insecure locations or reset them constantly, creating friction and frustration.
Why This Matters Right Now
Password-based attacks are getting more sophisticated in 2020:
Credential Stuffing
Attackers use billions of username/password combinations from previous breaches and try them against other services. If you reuse passwords, you're vulnerable to this.
Phishing Evolution
Phishing emails are getting better. They're more targeted, more convincing, harder to spot. When someone clicks and enters their password on a fake login page, that password gets compromised.
Data Breach Volume
Hundreds of millions of passwords get leaked every year from breached services. Attackers compile these into databases and use them for credential stuffing and password cracking.
A Healthier Password Relationship
Here's what a healthy password relationship looks like for a small business:
Unique Passwords Everywhere
Every system gets its own password. If one gets compromised, the damage is contained.
"But I can't remember 50 different passwords!" Correct. That's why you need a password manager.
Long and Complex
Passwords should be at least 12 characters, preferably 16+. Use a mix of uppercase, lowercase, numbers, and symbols.
Or use passphrases: four random words strung together. "correct horse battery staple" is stronger and more memorable than "P@ssw0rd!"
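To show why the words have to be picked at random from a large list, here is an added example (not part of the original article) that generates both kinds of secret with Python's `secrets` module and estimates their strength in bits. The sample word list is constructed for the demo, and the function names are assumptions of this example.

```python
import math
import secrets
import string

# Constructed sample list for the demo only; a real deployment would load a
# large published list (the EFF long list has 7,776 words).
SAMPLE_WORDS = ["correct", "horse", "battery", "staple", "orbit", "velvet",
                "canyon", "mango", "thimble", "quartz", "lantern", "pebble",
                "walrus", "cobalt", "ribbon", "glacier"]

# lowercase, uppercase, digits, symbols: 26 + 26 + 10 + 32 = 94 characters
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def random_password(length=16):
    """Random password containing at least one character from each class."""
    if length < 12:
        raise ValueError("the article's minimum is 12 characters")
    alphabet = "".join(CLASSES)
    while True:  # redraw until every class is present; avoids fixed positions
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in CLASSES):
            return pw


def random_passphrase(words, count=4, sep=" "):
    """Pick `count` words independently with a CSPRNG (never by hand)."""
    return sep.join(secrets.choice(words) for _ in range(count))


def password_bits(length, alphabet_size=94):
    """Upper bound on entropy of a uniformly random password."""
    return length * math.log2(alphabet_size)


def passphrase_bits(list_size, count=4):
    """Entropy of `count` words drawn uniformly from a list of `list_size`."""
    return count * math.log2(list_size)


if __name__ == "__main__":
    print(random_password(), f"~{password_bits(16):.0f} bits")
    print(random_passphrase(SAMPLE_WORDS),
          f"{passphrase_bits(len(SAMPLE_WORDS)):.0f} bits from this tiny list,",
          f"{passphrase_bits(7776):.1f} bits from a 7,776-word list")
```

Four words from the 16-word sample list carry only 16 bits, so the size of the list and the randomness of the pick are what make a passphrase strong, not the fact that it is made of words.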
Changed When Needed
You don't need to change passwords every 90 days (that old advice actually makes security worse because people just increment numbers). But you do need to change passwords when:
- Someone with access to the password leaves the company
- The account might have been compromised
- The password was shared insecurely
- You discover it's weak or reused
Protected with MFA
Multi-factor authentication means even if a password gets compromised, the account stays protected. This should be standard on email, financial systems, and administrative accounts.
Managed Securely
Passwords stored in a proper password manager, not in spreadsheets, text files, or notebooks.
Password Managers: The Relationship Counselor
Password managers solve most password problems:
Generate Strong Passwords
The password manager creates random, complex passwords for you. You don't have to think of them or remember them.
Store Them Securely
All your passwords in one encrypted vault, protected by one strong master password. You only need to remember the master password.
Fill Them Automatically
When you visit a website or app, the password manager fills in the credentials automatically. No typing, no copying and pasting.
Share Them Safely
Need to share the social media account password with your marketing person? Share it through the password manager's secure sharing feature, not via email or text.
Alert You to Problems
Good password managers warn you when you're reusing passwords, when passwords are weak, or when passwords appear in known data breaches.
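The kind of weak-and-reused report described above can be sketched in a few lines. This is an added example, not code from the article or from any of the products it names; the vault entries, the deny list, and the `audit` function are constructed for illustration, using the article's 12-character minimum and the weak passwords it lists.

```python
from collections import defaultdict

MIN_LENGTH = 12  # the article's minimum

# Constructed deny list seeded with the weak examples named in the article.
COMMON = {"password", "password123", "welcome1", "admin", "12345678"}

# Constructed vault export: (account, password). Not real credentials.
VAULT = [
    ("email", "Password123"),
    ("banking", "Password123"),
    ("practice-mgmt", "AcmeDental2015"),
    ("cloud-storage", "v9#Lq2!xTz8@rWm4"),
    ("social", "welcome1"),
]


def audit(entries, business_terms=()):
    """Return {account: sorted findings} for weak or reused passwords."""
    by_password = defaultdict(list)
    for account, pw in entries:
        # Case-only variants are treated as the same password.
        by_password[pw.lower()].append(account)

    findings = {}
    for account, pw in entries:
        issues = set()
        lowered = pw.lower()
        if len(pw) < MIN_LENGTH:
            issues.add("too short")
        if lowered in COMMON:
            issues.add("common password")
        if any(term.lower() in lowered for term in business_terms):
            issues.add("contains business or owner name")
        if len(by_password[lowered]) > 1:
            issues.add("reused")
        if issues:
            findings[account] = sorted(issues)
    return findings


if __name__ == "__main__":
    for account, issues in audit(VAULT, business_terms=["Acme"]).items():
        print(f"{account}: {', '.join(issues)}")
```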
Recommended Password Managers
For small businesses in 2020, good options include:
1Password for Business
Excellent user interface, good team features, strong security. Popular with small businesses and professionals.
Pricing: Around $8 per user per month.
LastPass Business
Feature-rich, good admin controls, works across all platforms. Has had some security incidents in the past but remains solid.
Pricing: Around $6 per user per month.
Bitwarden
Open source, affordable, good features. More technical than some alternatives but very secure.
Pricing: $3-5 per user per month for business features.
All of these are significantly better than your current approach of reusing "Password123" everywhere.
Implementation Plan
Don't try to fix all your password problems overnight. Here's a realistic approach:
Week 1: Choose and Set Up
Pick a password manager. Sign up for the business plan. Get it installed on your computer and phone.
Set a strong master password that you'll remember. Write it down and store it in a safe location (seriously, a safe or safe deposit box) as a backup.
Week 2: Add Critical Accounts
Start with your most important accounts:
- Banking and financial accounts
- Practice management or business software
- Cloud storage
For each account, have the password manager generate a new strong password and update the account.
Week 3-4: Add Everything Else
Work through the rest of your accounts. Every login you use, add it to the password manager and update to a strong unique password.
Month 2: Team Onboarding
Get your team using the password manager for shared accounts. Set up secure sharing for passwords that multiple people need.
Ongoing: Maintain
When you create new accounts, use the password manager from the start. Periodically check the password manager's security reports for weak or reused passwords you might have missed.
Common Objections (And Responses)
"What if I forget the master password?"
Write it down and store it somewhere secure (safe, safe deposit box). Or use the password manager's emergency access feature to designate a trusted person who can help you regain access.
"What if the password manager gets hacked?"
Major password managers use strong encryption. Even if their servers got breached, your passwords would still be encrypted and unusable by attackers. This is much more secure than reusing simple passwords everywhere.
"This seems complicated."
It's actually simpler than your current approach once you're set up. Instead of remembering 50 passwords or constantly resetting forgotten ones, you remember one master password and let the manager handle everything else.
"What if my phone dies and I need a password?"
Password managers sync across devices. You can access your passwords from your computer, tablet, or the password manager's web interface.
Beyond Passwords
Password managers are a foundation, but complete security requires more:
- Multi-factor authentication on critical accounts
- Regular security awareness training for your team
- Email filtering to catch phishing attempts
- Updated software and systems
- Good backup procedures
But fixing your password problems is a high-impact first step that makes everything else more secure.
This Valentine's Day
Show your business some love. Fix your dysfunctional relationship with passwords. Commit to using a password manager. Make 2020 the year you stop reusing "Password123" everywhere.
If you need help selecting a password manager, getting it set up, or training your team to use it effectively, we can help. We've been helping Arizona businesses with practical security improvements since 1991.
Here's to healthier relationships, both personal and password-related. Happy Valentine's Day.