There are several risks associated with storing your passwords in Google Sheets, including its lack of end-to-end encryption by default and lack of secure sharing capabilities.
Updated on April 3, 2024.
The safest way to send passwords to coworkers, family members and friends is by using a digital password manager. Password managers ensure that when sharing passwords with others, they’re always encrypted and cannot be intercepted while being shared. The best password managers use zero-knowledge encryption to protect your data at rest, in transit and in use.
Continue reading to learn more about what makes password managers the safest way to send passwords, plus risky ways of sending and storing passwords you should avoid.
What is a password manager?
A password manager is a cybersecurity tool that helps you create, manage, share and store passwords. In addition, a password manager can also help you store and manage passkeys, files and images. One of the best things about password managers is that they give you peace of mind knowing that you’re not increasing the risk of your accounts being compromised.
A password manager is the safest way to send passwords
Keeper Password Manager uses multiple layers of encryption, making it virtually impossible for cybercriminals to decipher the data. Keeper is zero knowledge, meaning the user’s data is encrypted and decrypted at the device level and not in Keeper’s servers or the cloud. Only the user the data belongs to can decrypt their data by using their master password or biometrics. Even in the unlikely event that Keeper is breached, a cybercriminal would be unable to compromise a user’s data.
Keeper Password Manager offers secure sharing features that make it easy to give employees, friends and family shared access without exposing the actual credentials. Users are also given full control over their credentials and can revoke access to them at any time.
Risky ways to send and store passwords
Knowing the risky ways of sending and storing passwords is just as important as knowing how to send them securely. Here are some risky ways of sending and storing passwords to avoid.
Online documents
Apple Notes, Google documents, Microsoft Word documents and other online notes applications may be an easy way for you to jot down information, but these apps were not created for storing and sharing private login credentials and other personal information.
Although some documents can be password-protected, many document software platforms do not offer encryption, two-step verification or any additional security measures. An unauthorized user who manages to get a hold of your device can easily copy the document and send it to themselves, giving them access to any information in the file.
Email servers
Emails are one of the most popular forms of communication in the workplace. They are usually sent in plain text and without encryption. If your email inbox is ever compromised, the unauthorized individual would have full access to any passwords that you’ve sent through email.
Passwords sent via email often pass through several systems and servers. There will also be a copy in your sent folder. Even if you have deleted previous emails, they may live in other folders and files on your account. Some email platforms store data locally on a drive. If your equipment — such as laptops, computers or phones — is ever stolen, your passwords are at risk of being compromised.
Text messages
Similar to email services, text messages have no security. Your text messages are readable to anyone who intercepts them, especially if you suffer a SIM-swapping attack. SIM swapping happens when someone convinces your mobile carrier to activate a new SIM card. If the mobile carrier falls for the scam, the person will receive all of your text messages and phone calls, which they can use to convince others to send them login credentials.
Additionally, If your mobile device is not password protected and lands in the wrong hands, an unauthorized individual could gain access to all your previous private conversations. The same holds true if someone you shared your credentials with via text message has their phone compromised.
Online messaging apps
WhatsApp, Slack and Microsoft Teams are popular messaging apps for communication between coworkers. Although many of these cloud services are encrypted, people often leave them open and operating in the background. If you are ever working in a public setting and casually leave your device unattended, an individual with malicious intent would be able to access your password in seconds.
In June 2021, a group of cybercriminals used Slack to trick an employee into helping them break into EA Games. The group managed to purchase stolen cookies that provided them with login credentials to gain access to an EA Slack channel. They then messaged IT support members saying they lost their phone at a party. IT support provided them with a Multi-Factor Authentication (MFA) token, allowing them to gain access to EA’s corporate network. This situation proves why sending any sensitive information through these messaging apps can be a dangerous practice.
Physical documents
Writing passwords in a notebook or on a sticky note may prevent online cybercriminals from accessing your credentials. However, they can still be stolen by someone in the offline world.
Writing down credentials can also be dangerous if you or someone else loses the physical document. Not only does the information go missing, but it may also potentially fall into the hands of someone with malicious intent.
Verbally
Although a face-to-face conversation with someone eliminates any paper trail, there are still risks associated with saying your credentials out loud. For example, you risk third parties eavesdropping your conversation and jotting down the credentials you say out loud. If you choose to share passwords over the phone, you risk being recorded.
How Keeper helps you safely send and store your passwords
Keeper Password Manager makes it easy for organizations and individuals to store and share passwords with anyone. By using Keeper to store and share passwords, you can ensure that they’ll always be strong, you won’t forget them and you won’t be placing them at risk of compromise when sharing them.
To see how Keeper Password Manager enables you to send passwords securely, sign up for a free 30-day personal trial or 14-day business trial today.