Home » Blogging

Passwords

Of course there is the funny side but when I get an email from a manager of a department that tells me “if all else fails I’ll just give my staff my password” then the humour stops and the alarm bells start ringing.

It seems a never ending battle explaining to users about levels of authority and why passwords are there in the first place but when it drip feeds into people who should already know better then you know you’ve got your work cut out for you.
Two factor authentication has to be the answer as, in my opinion, passwords have pretty much had their day as security methods alone. At least with two factor authentication if a password is released it’s useless without a hardware token.
Their has been a recent request to release our VPN secret key (which I hold dear) to a third party company owing to the fact that our ERP system is used by an associate company and the third party want their remote users to access the system but want to install the remote access software themselves (and consequently need the secret key to do so). This sends shivers down my spine but I don’t think I’m going to win the morale battle on this one so I need a solution and I need it soon.
Related Posts with Thumbnails

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.