Is there a good way to share passwords in an enterprise?

December 18, 2017 3 minute read

One of the most important facets of enterprise security is ensuring protection for all employee accounts. Password sharing methods play a critical role. When pressed for time, many users resort to sending unencrypted plain-text passwords via high risk channels like chat or email.

There are other ways to securely share passwords across teams throughout an organization—and writing it on a post-it note and leaving it on your co-worker’s desk is not one of them. Two recommended practices include:

Creating an audit trail.

With an audit trail, organizations are able to track the users who request passwords and the purpose for which they intend to use them, offering a way for organizations to discover potential password misuse. Additionally, being able to provide evidence of who has seen what in an organization is a compliance measure in known laws and frameworks.

Enforcing a strict need-to-know policy.

Giving users access to assets that are neither relevant nor useful to them on a daily basis only raises the risks for unauthorized access in the future. Limiting access to accounts and assets can help mitigate the probability of exposed sensitive data.

Stored Safe logo
Ecosystem Showcase: StoredSafe

With an in-depth understanding of enterprise password challenges, Yubico ecosystem partner StoredSafe launched their own password manager, Password StoredSafe. It safely stores and shares enterprise passwords, as well as the critical information related to passwords, on a need-to-know basis and with a full audit trail.

All of StoredSafe’s solutions enforce two-factor authentication (2FA)—a testament to their commitment to password security. StoredSafe highly recommends the YubiKey and the YubiHSM for the strong hardware-backed 2FA protection they offer. With YubiKey 2FA enabled, unauthorized users cannot gain access to passwords and the enterprise secrets they protect.

“The YubiKey is the only hardware token StoredSafe supports since we integrated 2FA back in 2010. To further improve security, we have also incorporated the YubiHSM into our platform as a safe storage for all cryptographic keys. Both are easy to implement and empower our users to work independently from the internet and other networking services,” said Fredrik Soderblom, StoredSafe CEO.

StoredSafe continues to expand their product portfolio to help organizations meet and implement internal security policies around critical and sensitive information. Beyond their password manager, StoredSafe also offers 2FA StoredSafe for implementing two-factor authentication to existing IT infrastructures, Certificate StoredSafe for monitoring and holding certificate information, and File StoredSafe for securely storing confidential data.

To learn more, visit the StoredSafe website or contact sales@storedsafe.com.

Yubico is proud to highlight StoredSafe as part of an ongoing YubiKey ecosystem awareness program. Visit our Featured Solutions page to learn more about all the products and services that support the YubiKey.

Share this article:

Recommended content

Thumbnail

Combating ransomware attacks on your enterprise

What do a PC manufacturer, a meat supplier and a mental health clinic have in common? They have all been victims of ransomware attacks. They’re not alone. Ransomware attacks grew by over 485% in 2020, leveraging the new ransomware-as-a-service (RaaS) model of profit-sharing in exchange for ransomware tools.  One of the most infamous recent ransomware ...

YubiKey for password manager security

Ransomware attacks are plaguing enterprises large and small. Take these steps to prepare and prevent ransomware attacks on your organization.

Thumbnail

What SolarWinds taught us about the importance of a secure code signing system

Last year’s SolarWinds attack was caused by intruders who managed to inject Sunspot malware into the software supply chain. The hackers exploited a breach in the SolarWinds code signing system, which allowed them to fraudulently distribute malicious code as legitimate updates to installations across the world. While this attack taught the industry many lessons, one ...

Thumbnail

SANS 2021 Password Management and Two-Factor Authentication Methods Survey

Read this report to learn about password management and the types of MFA solutions being used in industries