Step 4: Securely Manage Passwords on Shared Accounts

From

editione1.0.0

Updated October 9, 2023
Now Available
Security for Everyone

One of the more helpful features of password managers is the ability to share passwords with teams. It is an inevitable part of running a business with digital accounts. Some accounts only allow you to have one user, such as Twitter, and you might need a hand in managing the account. Or you might need to share accounts to manage account costs.

For example, if there is an online account you use for creating digital content like banners and images for sharing on social media, you might get help from a few people on the team to get these made, and they never have to use the account at the same time. However, the cost to have an account per user could be way out of the budget if you run a small team and business. Just because your business chooses to share a single account doesn’t mean the security of that account has to go outside the door. Setting a unique password in a password manager, and sharing it within your password manager with others on the team, is a great way to keep the account safe.

danger On a team, shared passwords lead to the temptation to send or save them insecurely by chat, email, or in shared documents. Instead, insist everyone on the team use the password manager and share passwords that way.

confusion When you go down this path, checking the terms of the account that you are looking to share is important. This of course reduces revenue for the software company, so most of them are not keen on people sharing accounts. Software companies explain (though it is often clear as mud) their rules around sharing accounts in their terms of service.

What I Do to Secure My Accounts

What I do to protect my information and accounts will look similar to what you’ll be doing:

  • For every account I create, I have my password manager auto-generate and store it for me using password manager browser plugins. If I find myself creating a password without it, I pick five random words and string them together so I can easily remember how to store it later.

  • Before I start putting more data into these accounts, I enable 2FA. I aim to always do push notifications or one-time passwords where I can, and settle for SMS where I can’t use any other options. A good example here is Twitter, which only updated their two-factor options in 2019.

  • You’re reading a preview of an online book. Buy it now for lifetime access to expert knowledge, including future updates.
If you found this post worthwhile, please share!