Sharing passwords safely.

People frequently need to share account passwords with colleagues. The obvious and easiest way is to use email or internal instant messaging tools but these are both very bad ideas. Both keep data for extended periods which increases the probability that unintended people will discover the passwords.

A much safer way is to split the login credentials and send them via two unrelated channels. For example, send the username via email and the password via encrypted, private instant messaging.

An even better, and more convenient, solution is to use a password manager. These tools store passwords securely and allow you to log into a site without having to know the credentials. They also generate random passwords for new accounts. Taken together, these features make it easy to have a strong and unique password for every site.

Business oriented password managers also have features for teams such as easy sharing inside the company, updating passwords in a single place while avoiding the inevitable flurry of emails asking for the new password, enabling login without the ability to view the password and tracking password use.

Getting a password manager (also referred to as a vault) adopted in an organisation may sound like wasted effort but it will quickly become valuable as security is increased and “Please send me the password” emails vanish.