Updated: Aug 12, 2020
Effective ministry happens when your staff and members work as a team. But what do you do when you MUST share a ministry account password? Whether an email account, social media handle, or online banking, here are four tips to help your ministry share passwords more securely.
Develop password structure
The perfect situation would allow your ministry to use the same password for every account. We know we live in an imperfect world, so using the same password for all your church’s digital accounts presents a significant risk. If your password ever became compromised, all your ministry’s accounts would be at risk of tampering and unauthorized actions.
Developing a password creation structure for your ministry can help your church produce safer passwords for its digital accounts. Your password creation structure could include things like:
Strategic alterations to familiar words for your church or ministry
Replace vowels with numbers
Replace letters with special characters
The key is to make your password structure unique to your ministry and applicable to a plethora of potential passwords. You can always test your passwords through websites like passwordmeter.com and adjust based on your password report.
Use a password manager
One of the best ways to manage shared passwords and personal passwords is by using a secure password manager. Using systems connected to your web browser may be convenient but they typically are not the most secure option. Many password managers download directly to your device and require a secure login to access password information. The username and password for this account should be very strong and be kept by your ministry’s information technology (IT) manager or Board of Trustee’s Chair.
Many password managers have features that help you practice good password creation and usage practices. Some can even generate secure passwords for you that would be automatically applied so you won’t have to remember them. A premium feature that could help your ministry maintain password security is through applying login information without users being able to see the information. These are but some of the features available with different password manager applications. Be thorough in researching which one is right for your ministry.
Activate two-factor authentication
Whenever, wherever, and if ever available, use two-factor authentication. Your ministry should consider making this a part of your cybersecurity policy. All your ministry’s accounts should be connected to a standard church email address. Using two-step verification helps to ensure your ministry’s primary account stays secure and access is given on a per-case basis. Adding this feature is also useful in preventing unauthorized account logins.
Share information separately
If there is a need for a password to be shared quickly, send the login information in separate communications. Also, depending on the area of ministry (such as finance or facility management), securely sharing passwords may be necessary for transparency and accountability. Separating the account numbers, usernames, and passwords can make it harder for a hacker or unauthorized user to get access to information. Usernames or passwords are useless separate from each other. Placing all three in one email or text makes it easy for anyone who has access to that email to make changes to your account.
Your ministry’s cybersecurity is more important than ever. Using these tips, you can help your ministry keep its passwords safer. UMIP can help your church manage its exposure to risks. Request a property and casualty insurance quote today from our exclusive agency, Suracy Faith, at 866-203-0777 or UMIP@suracy.com.
CLICK HERE to subscribe to the Church Protection Connection and receive more great articles like this in your inbox every month.