Blog Layout
Password manager apps: Why you could be a “hacker’s dream” without one
Andrew Stubbs • Aug 30, 2017

Cloud computing and web-based apps have undoubtedly improved business efficiency. But once you and your team start using various online apps, one aspect quickly becomes inefficient (not to mention downright annoying): having to repeatedly enter usernames and passwords to log in.

It's bad enough having to enter a multitude of login credentials when you first open the apps each morning. But many apps automatically log you out if you haven't been using them for a few minutes. And while it's a nice security feature, it means you have to repeat the entire process whenever you take a breather.

Wouldn't it be great if a 'master control' app could automatically enter your username and password whenever an app asked for them? Of course, you'd have to log into the master control app first, and that login process would have to be very secure. But just imagine how much time and frustration it could save.

The good news is that, to quote an all-too-familiar phrase, "There's an app for that". In fact, there are quite a few password manager apps available.

And you really should be using one.

Why you shouldn't enter your passwords any other way

"But I don't need a password manager app," you say. "I use the same username and password for all my logins, so it's pretty easy to remember."

Congratulations. You have become what's known in the online world as "a hacker's dream".

Why? Because once a hacker figures out your username and password on one site, they can use the same username and password to access every other site you use. And before you assume they couldn't possibly know the other online sites you use, they can run a program that tries your username and password on hundreds-if not thousands-of sites in a matter of minutes. It's not a question of whether they'll find those other sites. It's only a question of when.

"But it's more convenient doing it this way," you might say.

Sure it is. For now. But you may think differently when every online system you use-online banking, email, social media, etc.-has been compromised.

Even if you discover the security breach straight away, it can still take months-if not years-to recover. You could lose your savings, your business, or even your identity.

But there's no point creating different usernames and passwords for each site if you're just going to put them on sticky notes. Whether it's a physical one on your whiteboard or an electronic one in your computer, they're still incredibly easy to find and use without your knowledge.

How about storing them in a note-taking app such as Evernote or OneNote? Without any form of encryption, these apps aren't much better than the sticky note app on your computer.

And for goodness sake, don't email them to yourself so you can use a keyword search to find them. Not only will they be stored without any encryption, your email can easily be intercepted and read.

So, unless you have a perfect memory and can type incredibly fast, the only real solution to having unique, secure passwords is to use a password manager app.

Here are six reasons you should use a password manager app .

  1. You'll no longer be "a hacker's dream". With password managers you only need to remember the username and password for the app. Then, whenever you access a secure website, it will look up the username and password you created for the site (which are securely stored online) and enter them automatically.

    Because you don't need to remember them all you can use a different username and password for each site, which is far more secure than using the same one for them all.

    And if someone gets access to one of the sites you use, they still won't be able to access any others.

  1. You can use more secure passwords. The most secure passwords use a combination of upper- and lower-case letters, numbers and special characters. But when you have to remember them (and type them in over and over again), it's tempting to use simple passwords that are less secure.

    With a password manager, you can make them as long and complex as you want because it's the password manager app that remembers them all and types them in for you. It can even create new passwords automatically, such as "Sp?45AqG&&l6p#BzK".

These random, nonsensical passwords are far more secure than the names of your pets, family members, favourite movie or other  commonly used passwords. And the chances of hackers guessing your password, even with the software they use to generate them automatically, is extremely low.

         All you need to do is choose a strong password for your password manager.

  1. Your login details will be encrypted. If you're worried whoever created the password manager will have access to all your usernames and passwords, relax. All of your information is encrypted (scrambled), and only the strong password you use to log in can decrypt (descramble) that information. It's the same level of security used with Internet banking, and a lot more secure than sticky notes.
  2. You can use two-factor authentication for even better security. Let's say someone works out the username and password you use for a website. That means they can log onto the site, enter your details and they're in, right?

    Not if you've set up two-factor authentication. Instead they'll be asked to provide another piece of information only you can provide. It could be a random code to your mobile number via SMS, or one only your phone can generate. It may even ask for your fingerprint via your smartphone.

    And without that other bit of information, they won't get access.

    Two-factor authentication can be used not only on websites, but also the password manager itself. And while some people find the extra step inconvenient, it's an added layer of security that's well worth considering.

  3. You can share passwords more securely. Let's say you need to give a staff member or contractor access to financial or other sensitive data (a common scenario when working with freelancers and remote workers). One option would be to give them a username and password, which they would enter to access the information. But what's stopping them from writing them on a sticky note, or emailing the details to themselves (or worse, someone else)?

    With a password manager you can set them up with a password that is never revealed to them. It will log them in, but they never see what it is, and therefore can't share it or even write it down.

  4. You can revoke a person's passwords instantly. When people leave your organisation for whatever reason, you need to make sure they can no longer access your information. If they've written their passwords down somewhere you have no choice but to manually change or remove the password on every system they had access to.

    But with a password manager you can revoke all of their logins easily-and instantly.

Which password manager should you choose?

As mentioned earlier, there are quite a few password manager apps and services now available. And while their features, quality of security provided and ease of use may vary, they all offer similar benefits.

Some of the more popular password managers include:

The best choice for business use is a password manager such as LastPass Enterprise, which lets you set up users and teams based on your own organisation. You can then grant and revoke login access to those users and teams as necessary.

LastPass also has a Free plan (for use on one device) and a Premium plan that syncs your login details across all your devices.

And of course, you can use password managers for your own personal logins as well. You'll get the same benefits as you do in your business, but at a fraction of the cost. (Most password manager services offer free 'personal' accounts.)

In either case, you'll need to spend a bit of time setting everything up. But here are five ways a password manager will save you time in the long run.

  1. You'll save time logging in: Imagine logging into your computer first thing in the morning, grabbing a coffee, and coming back with all your web apps open and you logged into every one of them.

    That's what a password manager can do for you. It can open each web app and log you in without you needing to enter a single password (or even remember one).

    And once you experience it for yourself, you'll wonder how you ever lived without it.

  2. You'll save time logging in after being inactive. As mentioned earlier, a lot of web apps log you out automatically when you haven't used them for a while. It's good for security, but not much fun when you have to keep logging in.

    But with a password manager, you can be logged in again with just a couple of clicks. No usernames or passwords to type in. You may not even need to click the Submit button. It can do it all for you.

  3. You'll save time providing usernames and passwords to new team members: Depending on your type of business, a new team member may need dozens of logins. Setting them all up is not only tedious, but also a waste of time.

    But with a password manager you can put logins to all the necessary sites in a folder and then give the team member access to every site in that folder in one step.

  4. You'll save time completing web forms: Completing a web form to attend an event, download an ebook or purchase a product can be time-consuming (not to mention tedious). Most password managers let you create form profiles so you enter your details (such as credit card information and postal addresses) in seconds rather than minutes.
  5. You'll be able to log in from other devices: Ever needed to log in to a web app at home or while travelling only to realise the passwords you need are stored on your computer at work?

    Most password managers let you sync your login details across multiple devices, and even access them online, which means as long as you have your smartphone or access to the Internet you'll be able to log into those web apps.

How to get started with a password manager

If you love evaluating apps and technology, check out the apps mentioned earlier and see which one best fits your needs.

But if you want to start using a password manager straight away, choose LastPass. It lets you have a Free or Premium plan for your personal accounts and an Enterprise plan for your business. You can even link your personal and business LastPass accounts so all your logins are in the your own LastPass view. This saves you having to log in and out of separate LastPass accounts whenever you need to switch from a business-related web app to a personal one.

And don't worry. Even when you link your personal and business LastPass accounts, team members using your LastPass Enterprise account still won't be able to see or access your personal logins.

It really is the perfect combination.

Why Your Business Needs to Invoice Using the New Peppol Network

By Andrew Stubbs 05 Jun, 2022
Here's some good news if your business sends invoices to business or government customers. Peppol* is on its way. (That's Peppol, not Peppa .) Ever had this conversation in your business? You or one of your team: "Hello, I'm calling to follow up the invoice we emailed to you last month. It hasn't been paid yet." Customer: "Really? We didn't receive that invoice?" In addition to the time and expense of following up, the cash flow delays create stress for you and they hurt your business. Thankfully, the adoption of Peppol will solve this problem. What is Peppol? Peppol is an obscure acronym for Pan-European Public Procurement On-Line. What's more important than what it stands for, is what it enables. Peppol is an international 'eProcurement' framework for the electronic exchange of information. It creates a standard approach for governments and businesses to structure and exchange information such as invoices and other documents. What Peppol means for you and your business Peppol makes electronic ordering, invoicing and shipping between governments and private companies faster, simpler and more secure. This means your business will get paid faster when dealing with government and larger businesses. In 2019, Australia and New Zealand adopted this platform for e-invoicing which, when implemented, will make 'we never received your invoice' issues virtually impossible. The new e-invoicing system is more secure than email and provides many other benefits. Which countries are adopting Peppol? There are currently 40 OpenPeppol member countries: 32 countries in Europe plus Australia, New Zealand, USA, Canada, China, Japan, Mexico and Singapore. Each country has a Peppol authority. For example, in Australia that's the Australian Tax Office (ATO). Is Peppol already in use? Yes it is. For example, the SuperStream system in Australia-which many businesses are currently using to automate the payment of employee superannuation contributions-is based on the Peppol protocol. How does e-invoicing work? The system connects the accounting systems of all businesses and government departments via the secure Peppol network.  Suppliers generate sales invoices in their accounting systems which are sent to Peppol.

Company Director? Why You Need to Apply for Your DIN

By Andrew Stubbs 04 May, 2022
If you're a director of an Australian company-or you plan to be-take 5 minutes now to read this article. All existing directors (and intending directors) of Australian companies need to be aware that the Australian Government has announced the introduction of a new mandatory Director Identification Number (DIN) system. (You'll notice the term director ID is also used for DIN.) This system is the initial step in the Modernising Business Registry (MBR) Program which has been established under the Treasury Laws Amendment Act which was legislated by the Australian Government in 2020. More information on the MBR program can be found here . What is the DIN system trying to achieve? The DIN aims to provide accountability and traceability of a director's relationships over time, across all companies and will provide information on a director's involvement in what may be repeated unlawful activity, including illegal phoenix activity. It should also solve the problem of false or fraudulent director identities. What are the key features? It is mandatory for all directors, foreign directors and alternate directors of Australian companies to hold a DIN. The DIN is a unique 15 digit number. The first 3 digits will be 036 which is the identifier for Australia. The last digit is a check digit to help with accuracy when quoting your DIN. Like your tax file number, you will only be issued with one DIN which you will hold for life - even if you cease acting as a director for any period. To obtain a DIN, you will need to prove your identity so you will not be able to hold multiple DINs. Other office holders (e.g. company secretaries) are not required to register. The director is responsible for updating the DIN records for any changes in personal information within 7 days of the change. The director must apply personally. The process cannot be completed by your accountant, lawyer, spouse or executive assistant. There are significant penalties for non-compliance. How do you apply for a DIN? Directors have 3 options for applying. You can apply online from 1 November 2021. To use this method, you must first establish your identity via myGovID (an app you download on your smart device which is different from myGov). Once set up, your myGovID will make accessing a wide range of government services easier. (It's not just for your DIN application). For information on how to set up a myGovID please go to https://www.mygovid.gov.au/set-up During the DIN application process, you will need additional information such as your tax file number (TFN) and your residential address as per ATO records. It would also be advisable to have other personal details such as bank account details, medicare card or a recent income tax assessment available in case these are required. You can also apply by phone ( 13 62 50 ). During the call, the operator will ask for the identity documents you would have used to obtain your myGovID (passport and driver licence) as well as the additional information listed above. These details will be confirmed with the records held on existing government databases and, assuming the details agree, your DIN will be issued. Or you can apply by mail, but this is not recommended because the process for doing this seems vague ("Write to us") which means you can probably expect a lengthy process of certifying documents and coping with the vagaries of the postal system. One of the other two methods would be a better choice. When will you need to apply for a DIN? Transitional arrangements will allow directors to become familiar with the new requirement. When you need to have a director ID will depend on when you were appointed as a director.

7 Best Practices for Setting Your Small Business on the Success Track

By Andrew Stubbs 07 Apr, 2022
If you're a small business owner, you're always on the lookout for better ways to go about routine tasks to boost growth and underpin reliability. So, yes, you have the will; now, what are the ways? What are those consistent routines you can instill that will have the most benefits? This article looks at the top 6 things you can do to help your business thrive. We're going to cover finances, goals, marketing, technology and you ! So, let's take a look… 1. Your finances are a scorecard … and a predictor Boil it all down and dollars in the bank are the report card on the health of your business operations. Surprising then that so many people don't really pay much attention to how much they've earned, nor how much they're likely to earn. As much as it might feel like a chore, reviewing your sales and financial projections and then using them to ascertain if you need business financing is a discipline worth cultivating . If you suspect that your cash flow is precarious, you should be checking out your options today. First metric to check: your credit score. If it is too low, you need to take steps to shore it up. Next, check in with your bank or finance broker about what loans are available. 2. Goal setting, goal achieving, goal celebrating So, if you're using current and future dollars in the bank to keep score, the next thing is to do something about it. This is where goal setting comes in. If thoughtfully set and persistently pursued, goals help you orientate your willpower and your energy at each moment of the business day. This is the hidden power of goals: giving you a good sense of direction and a way to channel your instincts towards wise objectives. Constantly checking in with your goals makes them a benchmarking tool to keep your business pointed in the right direction. Yes, just having goals helps. Actually achieving a goal helps too, of course! 3. Increasing the impact of your marketing Marketing is not magic. It is not a mystery. It is not an art. However, many less-than-reputable marketers will try to claim that it is. They do so to gain wiggle room to pad their invoices and cover up their lack of skill. What this means is that it is easy to waste money on ineffective marketing. The good news is that there are many low-budget marketing strategies that actually work to help grow your brand and reputation. Scout around on the internet and choose one or two new tactics. Deploy them and test them. If they work, double down. If they don't, try something else. If you can't tell if they're working, also try something else. Social media is the obvious starting place for these low-stakes experiments and the old classics of LinkedIn, Facebook and Twitter are where to trial them. 4. Bringing your business up to date technologically The ability of modern productivity and project-management tools to give small players the same capabilities as the big boys simply cannot be ignored. Harness them properly and they'll let your small businesses operate with the same productivity as the titans of your sector. And, if your business is in the services sector, the increased controls that business technologies can yield also lets you be highly agile - that's something the big boys can't do. So, ask yourself: are you taking full advantage of what's out there? Don't worry, the answer to this question is always 'no' - the field is simply moving too fast for anyone to be able to take full advantage. However, if you have a realistic view of your needs, then you have a yardstick to help assess all the solutions out there. When you know what you need the technology to do, then you can wisely choose what hardware, software, platforms and techniques to introduce. 5. SEO has changed and it is going to change again Google - indeed all platforms offering broad search functions, from Youtube to Facebook - are constantly altering and optimising their algorithms. This, in turn, means SEO practice must constantly evolve to keep pace. So, if your SEO approach hasn't been overhauled in a few years, the time has come to give it some attention. Do a review of best practice and score how you cater to SEO in your online presences. Yet, because the underlying concept of SEO has not changed, the corrective actions you need to take may not be major. Then again, they might be! It is better to know unpleasant news sooner than outright bad news later. 6. Download the right new apps The remote work trend has gone mega and this means mobile productivity apps are very much of-the-moment. See, you can get a surprising amount done with just your phone and tablet. And apps are how it all happens … plus connectivity and a full battery, of course! Usually, apps are best for keeping an eye on things, boosting effectiveness on the "busy" tasks and enabling you to give your stamp of approval to work that needs your say-so to progress. In general, these are not value-adding tasks, just the value-neutral tasks that get in the way of the value-adding tasks. Now, there is no end of apps out there. So, as always, don't bother looking until you have some idea of what you need. 7. You are the ultimate business tool Health is the single most important aspect to consider for anyone running a business. It's the non-negotiable factor that governs everything else you are capable of. To adapt a quote from Arnold Schwarzenegger, being fit and healthy is "a status symbol. It reflects you worked hard for it; no money can buy it. You cannot borrow it, you cannot inherit it, you cannot steal it". This means that you must get enough sleep every night (most people need 7 hours or more). This means a healthy diet must become your preferred way of eating. This means that you should exercise every single day (except when sick). This means you must give your mind a rest too . Meditation isn't some mystic monkish thing, it's simply the practice of letting your thoughts come and go while you - the observer - stay peaceful and undisturbed by them. Think of it like this, meditating is mediating your mind. Take stock, choose wisely, make small steps in the right direction In this article, we've talked about some improvements you can make to what you're already doing. You don't have to do all of these at once. Start with the one that seems easiest and then stick with it to see if it works. Remember, it's not always about big changes. Often, you can make major improvements in outcome by making small changes to input. Doing the little things better. So take stock, choose wisely and be sure to make those small steps in the right direction for success today, tomorrow and the next day.
More Posts
Share by: