Passwords. Sometimes it’s the only important attribute that stands between your important data, information and a hacker. We’re told time and time again that we need stronger and robust passwords as this will prevent cyber-attacks, and yet we continue to use easily guessed passwords (though we’re getting better).
Edward Snowden exposed the NSA for questionable practices concerning how they search through our information, and states that the common 8 character password only takes about a second for a computer to pick out the correct password. Instead he suggests you create a passphrase, something that’s memorable but hard to guess.
However as John Oliver attests, many users would not prefer to do this as it could be too hard or too complicated to remember, especially where majority of the websites require you to login with credentials to access data. This has seen to result in a common practice where individuals use the same password for multiple accounts. Mat Honan, a journalist had his accounts hacked as he had used the same password for all of them.
Password Synchronization is a type of authentication that allows for users to remember one password for all of their websites. Hypersocket’s password protection, as part of Access Manager, enables users to manage their own accounts. This gives users better control of their access, while taking out the hassles of trying to remember several passwords for several accounts.
But if the user only needs one password, couldn’t that be hacked in order to gain access?
This is the beauty of password synchronization and of Hypersocket’s service. IT administrators are still able to handle security, even more effectively than before; because the account is tied to one password (and thus one account), the IT staff can easily identify any issues with one account, instead of several. It also means that retired accounts, those of employees who no longer work at the company, can be easily disabled, easily mitigating unauthorized use.
Former and disgruntled employees are often at the root of data and information breaches.
For the end user, the process of just needing to change one password versus several hundred means less time spent trying to come up with secure passwords or worse, just coming up with the bare minimum in order to gain access to the information they need. This means more time can be devoted to being productive, as information that is needed is quickly at hand; no down time waiting for passwords to be reset.
Strong passwords, as Snowden mentions, are the key to dealing what experts have called ‘password chaos’, where users have multiple identities and passwords; ZDNet have reported that this is one of the predominant threats to e-commerce developments.
When deciding a strong password, users should choose characters that are not easily guessed. Personal details such as birthday, addresses, family names or the word password can be easily guessed.
This Blog was brought to you by Hypersocket Software and its CEO, Lee David Painter. With over 20 years of industry experience as a pioneer in IT Security, Lee developed the world’s first OpenSource browser-based SSL VPN (SSL-Explorer). Today, Lee runs Hypersocket Software, a leader in Password Self-Service solutions.