Quest webinar reveals corporate password strategies

In the webinar – a recording of which can be reviewed here – Stanley explained how a simple alphabetic approach to company passwords is no longer valid, with a six digit alpha code being crackable in around five minutes.

Coupled with the fact that many corporate staff have five or six passwords they use on a regular basis, the Bloor Research practice leader said that administering passwords in companies of all sizes is rapidly becoming a headache for IT staff, not least because of the requirement to change them on a regular basis.

Stanley advises that passphrases – a term he says better describes the credentials required to access computer-based systems than the 'password' term – should be changed every 30 days.

But this, of course, means that users must be prompted to change their passphrases and, if they fail to change them, action needs to be taken by management.

Stuart Harrison agreed on this point, outlining some of the strategies and solutions available from Quest to manage passwords, noting that there can also be headaches when it comes to helping staff recover their passwords – a process that always seems to happen on a Monday morning, and when staff return from holidays.

And in a lively Q&A session, the panel – moderated by Infosecurity's technical editor Steve Gold – answered the many questions that attendees posed, such as what security issues arise where companies use digital password storage technologies, and why biometric technology has not yet hit the mainstream.

According to Gold, the webinar offered attendees a thorough grounding in some of the many IT security issues that password management creates in any modern organisation, as well as revealing some of the strategies that organisations can employ to mitigate the risks that arise from this often overlooked aspect of security.

"Many people think that password management is an area that staff can administer themselves. This is far from the truth. As our webinar showed, there are a lot of issues that IT staff and their management are struggling to deal with, but the good news is that this even gave attendees a number of solutions to those issues", he said.

A recording of this interesting and informative event is now online...

What’s Hot on Infosecurity Magazine?