How to set up a local password manager in your shop
At iZettle we work 24/7 to ensure 100% safe transactions. As a leading fintech company, it's part of our mission to raise awareness around online security. Today: the importance of passwords and how to set up a password manager!
No business is too small to get hacked
Often smaller retailers are easy targets since they don't have the resources or know-how to establish a basic security level. Imagine if you got hacked during the busiest time of the year: lost sales, confused or upset customers, and overall lost confidence in your business, plus lots of stress and anxiety on top of your already busy everyday life. Using secure passwords is a great start to reducing the risk of cyber-attacks.
“Stupid” passwords still exist
Many people pick a password based on something they’ll never forget, like a family member or a pet. But keep in mind that there are thousands of algorithms floating around the web scanning your Facebook and LinkedIn accounts to create password suggestions based on those names. These automated virtual robots get to know you better than you think in order to successfully hack you.
To stay on the safe side – don’t save passwords in your browser.
Okay, so how do I not get hacked?
Pick an illogical and long password! Like an illogical sentence consisting of 35-40 characters. And the more illogical, the better. Whenever you try to be smart by converting words into symbols and numbers, some other ugly fish or bot has most likely done the same.
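One way to produce the kind of illogical 35-40 character sentence described above, as an added example that is not part of the original article: it draws random words with Python's `secrets` module and counts how many sentences fit the length window to report the entropy. The word list and the function names are constructed for illustration.

```python
import math
import secrets

# Constructed 32-word sample list so the example runs offline (an assumption,
# not from the article); a real list should contain thousands of words.
WORDS = (
    "anchor", "biscuit", "candle", "dolphin", "ember", "fossil", "gravel",
    "harbor", "igloo", "jigsaw", "kettle", "lantern", "mango", "noodle",
    "orbit", "pickle", "quartz", "ribbon", "saddle", "teapot", "umbra",
    "velvet", "walrus", "yogurt", "zipper", "acorn", "bugle", "cactus",
    "tulip", "moss", "plum", "kiwi",
)

def passphrase(words=WORDS, count=6, lo=35, hi=40):
    """Draw `count` random words; redraw until the sentence is lo..hi chars."""
    while True:
        phrase = " ".join(secrets.choice(words) for _ in range(count))
        if lo <= len(phrase) <= hi:
            return phrase

def entropy_bits(words=WORDS, count=6, lo=35, hi=40):
    """log2 of the number of equally likely sentences passphrase() can return."""
    ways = {0: 1}  # total letters so far -> number of word sequences
    for _ in range(count):
        nxt = {}
        for total, n in ways.items():
            for w in words:
                nxt[total + len(w)] = nxt.get(total + len(w), 0) + n
        ways = nxt
    spaces = count - 1
    fits = sum(n for total, n in ways.items() if lo <= total + spaces <= hi)
    return math.log2(fits) if fits else 0.0

if __name__ == "__main__":
    print(passphrase())
    print(f"{entropy_bits():.1f} bits with this sample list")
```

The strength comes from the size of the word list and the number of words drawn, not from how odd the sentence looks to you.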
How would I (ever) remember such different long and random passwords?
Because of your password manager! There are a ton of different ones available. I recommend KeePass because it 1.) is very straightforward and 2.) operates locally from your desktop. It's a great local 'less is more' option that might require some minutes to get into, but I promise – it's time well spent!
Create an illogical sentence consisting of 35-40 characters as your master password.
Why not a cloud-based password manager?
Password managers such as Dashlane, Roboform and LastPass might be easier to use, but keep in mind that they store all your passwords on their servers. And LastPass got hacked in 2015. The risk of someone hacking your encrypted KeePass file is negligible.
Hold on, what is a "password manager"?
A software application that helps you create, organize and store passwords and other secrets.
Normally the passwords are stored in an encrypted file which means that you need to type in a master password to access them.
Password managers can be divided into 1.) online and 2.) offline. This guide shows how to set up one of the most used offline (or local) password managers.
Well, hook me up to KeePass!
Create a new password hub. Start off by creating a “New Database”. The database will be where you’ll store all your different passwords.
Double up! For maximum security, select both Password and Key file – it's basically like wearing both belt and suspenders.
Save your key-file. Save the key-file on your computer – later on back it up on a USB-stick.
The one and only (password). And now – come up with the only password you’ll have to remember. This is perhaps the most essential and crucial moment of this process, so give it a few moments to come up with something that’s really clever and not logical. I made sure to include some different symbols, numbers and capitalized letters.
Create password categories. Now we’ve created an encrypted catalogue. I start by creating “groups”, so-called folders, to keep my different passwords well-structured.
Add accounts/entries into the groups. Groups created – Banking, Stock photo libraries, Social media etc. I now select “Add new entry” to add (and create) my Facebook credentials.
Create unique, long and illogical passwords. In this window I can easily generate a bulletproof password for my Facebook account.
Build your own password database. This is how it looks with more entries created in my social media group.
Save the database! Important, don’t forget to save the database. KeePassX doesn't automatically save changes (but you can change to that setting in Preferences).
Name the database. I named mine the key cabinet. The database file (.kdbx) and the .key file are now your two most important files.
All set, what now?
Keep KeePassX running in the background on your computer. Generate new passwords, update all your accounts and store them safely in your encrypted file. Make it a habit to easily update all your passwords on a monthly basis!
Can I sync KeePassX with my phone?
You can, but then you lose the advantage of storing all your passwords locally. For mobiles and tablets I recommend applications connected to the operating system, like Keychain in iOS.
Security isn't that dark hole that makes everyday life more complex and troublesome. According to Sarbjit, security is a mindset that goes hand in hand with keeping things organised. Maintaining good security actually simplifies rather than makes your life harder!
Got a question? Shoot Sarbjit an email at firstname.lastname@example.org! And don't miss our previous "6 expert tips to stay safe online"-article.