Security Key for Password Vault
Password vaults are excellent tools for security and end user convenience for access control. Maximize the benefits and minimize the risks of using a company-wide password vault for users by securing them with security keys. IT admins can easily increase security while also decreasing time users spend on logging in to workstations, applications, and websites.
Hidden costs of passwords.
There are so many hidden costs to password problems that are not so obvious at first. Today, IT managers maintaining 10,000 users, each with 100 passwords is 100,000 different points of failure to manage. If there’s a data breach and every password needs to be changed, how much time would this take an IT team to accomplish?
Help desk calls are probably the largest expense inflicted by password problems (until a data breach takes the number 1 slot). Take a look at this 2001 COMPUTERWORLD article – Gartner estimated a password reset at $14 back in 2001. Today, those same password resets cost $70 each according the Forrester Research – that’s a 400% increase in cost for each password reset. Not to mention, there are significantly more passwords per user today than ever before, and still growing, even though we acknowledge its archaism. IT teams spend too much time dealing with the simple problem of a person forgetting a few characters they’re supposed to memorize. If each user forgot a password 5 times a month, and there were 1,000 users, the cost would be USD $350,000 per year on forgotten passwords!
Minimizing downtime points.
IT admins are still trusting their users with one password that accesses the rest – this can be a double-edged sword. 2FA is the first check to this problem. But the problem is that users still need to remember to long password and type it every time they login. When users forget their passwords, they are locked out until the help desk can expensively spend time helping them. Fortunately, there’s an easier, yet secure, way of letting users login to their password vaults without typing passwords.
Use a key to unlock your password manager.
Instead of typing a master password to unlock the password manager, use a physical token for passwordless key-based entry into workstations and accounts. The security key will act as the first factor, auto-filling a strong Windows password (factor 1). Then, the user will type a shorter PIN (factor 2) to verify ownership of their security token. Tokenized 2FA significantly more user-friendly, takes no training for end users, and saves large amounts of time and effort on the IT admins’ parts.
Users will now have the mobility of unlocking a car, combined with bank-grade security (card + your PIN). IT help desks will instantly experience an overnight reduction in ‘forgot password’ calls and ‘reset password’ tickets. IT admins can also assign multiple keys to a user, or assign another when the first is lost. This gives users a backup token if they misplace their original token.
Precision logins with minimal attack surface open to intruders will be the order of the day. GateKeeper password vault also utilizes continuous authentication to ensure that the user is always present. If the user leaves with their token, the computer will automatically lock. This means IT admins can ensure that password vaults are always secure by preventing unlocked and unattended computers. Check out our case studies on how organizations in industries in healthcare, manufacturing, and finance have increased login speed and security with GateKeeper.