RSS Alerts

Share

More services

Related Links

  • Quest Software
  • Elsevier Ltd is not responsible for the content of external websites.

Top 5 Stories

News

Quest webinar reveals corporate password strategies

10 March 2010

The tricky task of password management strategies has been reviewed and discussed in a successful webinar with analyst Nigel Stanley and password specialist Stuart Harrison of Quest Software.

In the webinar – a recording of which can be reviewed here – Stanley explained how a simple alphabetic approach to company passwords is no longer valid, with a six digit alpha code being crackable in around five minutes.

Coupled with the fact that many corporate staff have five or six passwords they use on a regular basis, the Bloor Research practice leader said that administering passwords in companies of all sizes is rapidly becoming a headache for IT staff, not least because of the requirement to change them on a regular basis.

Stanley advises that passphrases – a term he says better describes the credentials required to access computer-based systems than the 'password' term – should be changed every 30 days.

But this, of course, means that users must be prompted to change their passphrases and, if they fail to change them, action needs to be taken by management.

Stuart Harrison agreed on this point, outlining some of the strategies and solutions available from Quest to manage passwords, noting that there can also be headaches when it comes to helping staff recover their passwords – a process that always seems to happen on a Monday morning, and when staff return from holidays.

And in a lively Q&A session, the panel – moderated by Infosecurity's technical editor Steve Gold – answered the many questions that attendees posed, such as what security issues arise where companies use digital password storage technologies, and why biometric technology has not yet hit the mainstream.

According to Gold, the webinar offered attendees a thorough grounding in some of the many IT security issues that password management creates in any modern organisation, as well as revealing some of the strategies that organisations can employ to mitigate the risks that arise from this often overlooked aspect of security.

"Many people think that password management is an area that staff can administer themselves. This is far from the truth. As our webinar showed, there are a lot of issues that IT staff and their management are struggling to deal with, but the good news is that this even gave attendees a number of solutions to those issues", he said.

A recording of this interesting and informative event is now online...

This article is featured in:
Application Security • Biometrics • Compliance and Policy  • Identity and Access Management  • Internet and Network Security • Security Training and Education

 

Comments

security first says:

19 April 2010
This company has it figured out by using your livebiometric fingerprint as your username and password. Can't be fooled by making a impression of your fingerprint. Check it out at www.verifytouch.com

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012