According to the National Institute of Standards and Technology (NIST), complex passwords that contain a variety of characters are strong, but the longer a password is,
There are several risks associated with storing your passwords in Google Sheets, including its lack of end-to-end encryption by default and lack of secure sharing capabilities. While Google Sheets uses a secure type of encryption, it does not use end-to-end encryption automatically, meaning anyone at Google can view your files. It is risky to store information as important as your passwords in Google Sheets because the software is not designed to be a password manager.
Continue reading to learn how secure using Google Sheets is, why you should avoid storing your passwords in Google Sheets and where you should store your passwords instead.
How secure are Google Sheets?
Google Sheets is only as secure as the Google accounts that own and have access to the spreadsheets. For example, if your Google account is hacked, the hacker would not only have access to your emails and contacts but also to any documents, files or spreadsheets created or shared with your Google account. If you store your passwords in Google Sheets and your Google account is hacked, the hacker could find your sensitive information and use it to compromise your other online accounts. Your Google account could be hacked if you stay logged in on several devices. By having a large attack surface, which is all the possible points where a hacker could access your accounts, you give a hacker more opportunities to compromise your data. Since Google Sheets is connected to the rest of the Google Suite software, there is a much larger attack surface, making Google Sheets more vulnerable to getting hacked.
Why you shouldn’t store your passwords in a Google Sheet
If you are looking to improve your password hygiene, you should not store your passwords in a spreadsheet like Microsoft Excel or Google Sheets. You may have been storing your passwords in these places because you felt like you had no other way of protecting your login credentials. Google Sheets is not the best place to store your passwords for a variety of reasons that we’ll now explore.
Google Sheets are not end-to-end encrypted by default
Because Google Sheets does not enable end-to-end encryption by default, you risk unauthorized users accessing your passwords and private files. Anything you create or send on Google Sheets can be read by anyone who has access to either your Google account or the account of whoever you shared the file with, including Google. When you use Google Sheets or any Google software without enabling end-to-end encryption, Google can control the encryption keys for all your files since they use a type of symmetric encryption. Because Google controls the encryption keys, if Google were to suffer a breach, your files and information within Google Drive could be compromised.
Sharing Google Sheets can be risky
Have you ever sent an email or text message to the wrong person? That could happen just as easily with a Google Sheet filled with your most confidential passwords. Like other Google Suite software, you can adjust the type of access you want a file recipient to have, such as the ability to edit, suggest or just view. However, you could accidentally share your Google Sheet with someone you didn’t intend to and now that person will be able to log in to your online accounts if they choose to use your passwords. Since you never know what people’s intentions might be, sharing Google Sheets with anyone could jeopardize the security of your online accounts. Additionally, if you’ve shared a Google Sheet containing your passwords with a family member or close friend, and their Google account were to get hacked, the hacker could potentially read your passwords in plaintext. Sending passwords to someone through Google Sheets, whether they are the correct recipient or not, can jeopardize the safety of your passwords and your privacy.
People can make copies of the Google Sheet
Because Google Sheets is intended for collaboration, you should not store your passwords in a Google Sheet, as anyone with access can make a copy of it. It is dangerous for a collection of passwords to be copied, especially in a workplace environment where passwords might need to be shared by multiple employees, because someone could share those passwords with others and compromise the security of online accounts.
Managing passwords in a Google Sheet can become a hassle
You might find it more challenging to manage your passwords in a Google Sheet than you had hoped due to some operational inconveniences. When you store passwords in Google sheets, you need to manually enter them to log in to your accounts. You might also forget where a password is stored if you have separate Google Sheets for work and personal passwords. This can be more time-consuming for you and even lead you to reuse the same password across multiple accounts to minimize adding more login credentials to your spreadsheet. You may also encounter difficulties while using Google Sheets if you need to grant people different access levels, such as one person needing to edit and another only needing to view. If you forget who needs certain access to your passwords, you may end up exposing your private information to individuals with malicious intent.
What is the best place to store passwords?
A designated password manager like Keeper® is the best place to store your passwords. Although both Google Sheets and Keeper Password Manager use AES 256-bit encryption to protect your private information, Keeper is zero-knowledge. This means your passwords can only be encrypted and decrypted locally on your device, only for you to see. Rather than risking a data breach at Google, you should use a password manager like Keeper that cannot compromise your passwords.
Another reason Keeper Password Manager is the best place to store your passwords is how easy it is for you to securely share your passwords. Using Keeper’s One-Time Share feature, you can share your passwords and other sensitive information with both Keeper users and non-Keeper users. When you use One-Time Share, you can choose how long someone can view your password and revoke their access at any time. Through the One-Time Share link, the recipient can only view your password, so they cannot change, copy or share it with anyone else.
Keeper Password Manager does not require you to create a Google account or use a specific device to take advantage of its features. You can access your passwords in your encrypted vault on any device and any web browser, making it more accessible to everyone. Without any limitations of needing a specific account or device to access your passwords, you can log in to all your online accounts with ease by using Keeper Password Manager, which will automatically and securely fill them on the corresponding website.
Don’t let a Google Sheet place your passwords at risk
Because Google Sheets is not as secure for storing or sharing information compared to Keeper Password Manager, you should not rely on Google Sheets to keep your passwords safe from cyber threats. You should use Keeper as your password manager because it securely encrypts your passwords with zero-knowledge security, allows you to share your records safely with authorized recipients, generates strong passwords and is compatible across all devices.
Start your free 30-day trial of Keeper Password Manager today to explore a risk-free way of storing your passwords and other private information.