Ensuring Personal Password Privacy in Shared-Vault Environments

One of the obstacles to the adoption of enterprise password managers is ensuring personal password privacy in shared-vault environments. This article discusses the issue, explains why it is important to address it, and suggests a solution to overcome employee concerns.

The number of threats to online security grows every day. Because most of them exploit human error, susceptibility to phishing, or weak or stolen credentials, more and more businesses are deploying vault-based password managers that let them assign unique, complex passwords for corporate accounts to authorized users and share those passwords securely.

Because vault-based password managers work the same way across platforms, they suit remote workers and businesses operating BYOD policies. They can also store and autofill credit card details, addresses, and other data, which shortens transaction times and further reduces the scope for human error.

The Challenge of Changing Users' Behaviors

However, one of the challenges of deploying an enterprise password manager is changing users' security behaviors. Many business users are accustomed to insecure forms of "password management" such as writing passwords down, saving them in an email, or pasting them into a spreadsheet, and it can be hard to get them to change their ways.


One of the ways in which enterprise password managers attempt to change users' behaviors is by providing shared-vault environments. A shared-vault environment consists of an "organization" vault through which corporate credentials are shared, and a personal vault in which each user stores and uses their own login credentials, credit card details, addresses, and other data.

The theory is that giving users a personal password manager raises their awareness of online security; using it to store personal credentials changes their security behaviors; and changed behaviors help build a culture of security throughout the business. Unfortunately, the theory doesn't always work as it should.


The Flaw with the ABC Theory

The flaw with the ABC (awareness, behaviors, culture) theory is that users don't necessarily trust personal password privacy in shared-vault environments. Although each user's vault is unlocked with a master password that only the user chooses and knows, most enterprise password managers include an admin password reset capability so that an administrator can reset the master password if the user forgets it. The same capability could be used to reset a user's master password without their knowledge and read their private data.

Although it is illegal in 25 states for employers to access users' passwords without their knowledge, disabling the admin password reset capability won't necessarily reassure users about their personal password privacy, because it takes only a click to re-enable it. On the other hand, deploying a password manager without the capability can cause more problems than it solves: if a user forgets their master password, their personal data becomes inaccessible.

There is a workaround for deploying a password manager without an admin password reset capability: back up users' personal data so that, if a user forgets their master password, a new account can be created and the personal data imported into the new vault. This adds significantly to the administrative burden of running an enterprise password manager, however, and a better solution exists.

Ensuring Personal Password Privacy in Shared-Vault Environments

The solution to the admin password reset issue is for users to doubly secure their vaults with two-factor authentication (2FA). Although this adds a step to the login process, it means an employer cannot use the admin password reset capability without the user's knowledge and participation: resetting the master password gets an administrator past the first factor, but logging in still requires the second factor, which the user holds. This protection depends on administrators not also being able to remove or reset a user's second factor, so check how your product handles 2FA recovery before relying on it.

This adds an extra layer of security to the enterprise password manager and blunts online brute-force and credential-stuffing attacks against the login (it does not help against offline attacks on stolen vault data, which still hinge on the strength of the master password). It also reassures users of personal password privacy in shared-vault environments, overcoming concerns about storing personal credentials in an enterprise password manager and putting the ABC of enterprise threat prevention back in motion.

Most enterprise password managers support doubly securing vaults with 2FA, and some, Bitwarden for example, can make 2FA mandatory through an organization policy. In conclusion, if your business has implemented an enterprise password manager but is experiencing challenges with user adoption, the cause may be concerns about personal password privacy in shared-vault environments, a challenge that doubly securing vaults with 2FA may be able to overcome.
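As an added example (not code from the article or from any password-manager vendor), here is the check an administrator would run before relying on this arrangement: list the organization's members and flag anyone whose master password an administrator can reset but who has not turned on 2FA. The field names (`twoFactorEnabled`, `resetPasswordEnrolled`, `status`) and the status codes follow the shape of a members listing such as Bitwarden's Public API returns; treat them as assumptions and map them to whatever export your product provides. The sample data is constructed.

```python
"""Audit an organization's members for the gap the article describes:
accounts an administrator can reset but which are not protected by 2FA.

Added example, not the article's or any vendor's code. Field names and
status codes are assumed; adapt them to your product's member export.
"""
import json

# Constructed sample of a members listing (not real accounts).
SAMPLE_MEMBERS_JSON = """
{
  "data": [
    {"email": "alice@example.com", "status": 2, "twoFactorEnabled": true,  "resetPasswordEnrolled": true},
    {"email": "bob@example.com",   "status": 2, "twoFactorEnabled": false, "resetPasswordEnrolled": true},
    {"email": "carol@example.com", "status": 2, "twoFactorEnabled": false, "resetPasswordEnrolled": false},
    {"email": "dave@example.com",  "status": 0, "twoFactorEnabled": false, "resetPasswordEnrolled": true}
  ]
}
"""

# Assumed member status codes: 0 = invited, 1 = accepted, 2 = confirmed.
# Only a confirmed member has a vault the organization can act on.
STATUS_CONFIRMED = 2

FINDINGS = ("admin_reset_without_2fa", "no_2fa", "ok", "pending")


def classify(member):
    """Return the finding label for one member record.

    admin_reset_without_2fa: the article's worst case. An administrator can
        reset the master password, and no second factor held by the user
        stands between the administrator and the personal vault.
    no_2fa: not enrolled in admin reset, so no privacy exposure through the
        reset capability, but still open to password-only attacks on the login.
    ok: 2FA is on; an admin reset cannot be used without the user's factor.
    pending: invited or accepted but not yet confirmed; nothing to assess.
    """
    if member.get("status") != STATUS_CONFIRMED:
        return "pending"
    has_2fa = bool(member.get("twoFactorEnabled"))
    reset_enrolled = bool(member.get("resetPasswordEnrolled"))
    if has_2fa:
        return "ok"
    if reset_enrolled:
        return "admin_reset_without_2fa"
    return "no_2fa"


def audit(members_json):
    """Parse a members listing and group member e-mails by finding."""
    members = json.loads(members_json)["data"]
    report = {label: [] for label in FINDINGS}
    for member in members:
        report[classify(member)].append(member["email"])
    return report


def reset_capability_is_safe(report):
    """True only if no confirmed member can be reset by an admin without 2FA."""
    return not report["admin_reset_without_2fa"]


if __name__ == "__main__":
    report = audit(SAMPLE_MEMBERS_JSON)
    for label in FINDINGS:
        print(f"{label:24s} {', '.join(report[label]) or '-'}")
    print("safe to keep admin reset enabled:", reset_capability_is_safe(report))
```

On the constructed sample, Bob is the account to worry about: he is enrolled in admin reset but has no second factor, so an administrator could reset his master password and log in unaided. Dave cannot be assessed until he confirms his membership. Enforcing the mandatory-2FA policy is the fix; rerun the audit until the first list is empty.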

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.