Passwords
Submitted by jasonslater on Friday, 18 May 2007No Comment
Of course there is the funny side but when I get an email from a manager of a department that tells me “if all else fails I’ll just give my staff my password” then the humour stops and the alarm bells start ringing.
It seems a never ending battle explaining to users about levels of authority and why passwords are there in the first place but when it drip feeds into people who should already know better then you know you’ve got your work cut out for you.
Two factor authentication has to be the answer as, in my opinion, passwords have pretty much had their day as security methods alone. At least with two factor authentication if a password is released it’s useless without a hardware token.
Their has been a recent request to release our VPN secret key (which I hold dear) to a third party company owing to the fact that our ERP system is used by an associate company and the third party want their remote users to access the system but want to install the remote access software themselves (and consequently need the secret key to do so). This sends shivers down my spine but I don’t think I’m going to win the morale battle on this one so I need a solution and I need it soon.
Subscribe now and never miss a post
RSS Subscribe
Loading ...
Leave a comment!