Something occurred to me this morning that never really had before. It made me think so much that I just HAD to write something about it.
I was listening to the latest episode of the #HackingHumans podcast with Dave Bittner and Joseph Carrigan on the way to work like everyone does (everyone DOES listen to it, right??), when Joe mentioned something in the episode that really made me stop and think.
He had mentioned that when using a password manager, he prefers to keep personal credentials separate from work-related credentials. I absolutely get that. I keep my work-related stuff in a separate folder, but still kind of intermingled with my personal stuff. At least it’s all kept in one location where I can delete it all in one fell swoop.
But, it wasn’t that that gave me pause. Joe had mentioned that likely a lot of people are using password managers that their employer provides access to, in an attempt to try and promote better digital and security habits. Yep, at one point, I too was using the one provided by my employer to store all of my credentials.
What Joe said next is what gave me one of those “things that make you go ‘hmm’” pauses (yes, I’m dating myself a bit). He said that once you leave that organization, you now no longer have access to that password vault that you had been storing your passwords in. If you were using it to store your personal info, bye-bye, you’ve just been locked out of EVERYTHING.
This is a GREAT reason why folks who use password managers might want to take a hard look at keeping their personal stuff isolated from their work stuff. The password manager I use is paid for by me, so I can take it with me wherever I go. If you are using one that your employer provides, you might want to consider looking at how to back up those personal credentials, and/or consider using a solution of your own that the organization doesn’t provide (there are free ones out there).