Friday, May 24, 2013

Four Simple Solutions for Introducing Complex Passwords

You want to introduce complex passwords with a view to improving information security. But the introduction of such stronger passwords, which also have to be changed regularly, leads to resistance among end-users. After all, they have to remember a multitude of password/username combinations. This results in non-secure situations – employees write down passwords on Post-Its – and many password reset requests to the helpdesk. Here are four simple solutions with which you can indeed introduce complex passwords into your organization, but without causing frustration among users.

1.    Reduce the number of passwords with Single Sign On

Reduce the number of passwords and ensure that employees only have to remember one complex password instead of dozens. Single Sign On (SSO) offers the ability to do this. SSO lets employees log in just once, after which access is automatically granted to all applications and systems the user might open. So the staff member doesn’t have to log in afresh for each application. And that saves an average of three to five logins with varying passwords each day.

Perhaps you want to do away with even this remaining password? In that case SSO can be deployed in combination with an access pass. The security card your employees use to gain access to the premises or for time and attendance then replaces the final password/username combination. By presenting a card to or into a reader and, if required, entering a PIN code, the user is automatically logged in. When the employee again presents the card to a reader, he or she is then logged out.

2.    Automatic password synchronization

Would it not be ideal if the same password/username combination could be used for every application? The difficulty here is that the passwords almost always have an expiry date and need to be renewed regularly. And the expiry date is not the same for every application. For some applications a new password has to be set monthly, while other software might only require it once a year. It’s virtually impossible for users to reset a newly-introduced password in all the other required applications so that the password would then indeed be identical everywhere.

However, you can actually automate this very well with solutions for password synchronization, which ensure that passwords are and remain synchronous in multiple systems. The newly-set password is then immediately intercepted and forwarded to all other applications.

3.    Help users to create strong passwords

Employees often find it difficult to come up with complex passwords. Some applications insist that the password must contain an uppercase letter, a punctuation mark or a figure. Or that the password must differ from the old one by X percent.

That’s why users need some help in creating new, strong passwords. Password creation tools assist users to produce their passwords. The established complexity rules are shown when users configure a new password, and they are notified whether the relevant requirements have been met.
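A minimal sketch of the feedback such a password creation tool gives, added here as an example and not taken from the original post or any product it describes. The minimum length, the 50% difference threshold and the similarity measure (Python's `difflib`) are assumptions.

```python
from difflib import SequenceMatcher
import string

# Assumed policy values for illustration; the post does not specify them.
MIN_LENGTH = 12
MIN_DIFFERENCE_PCT = 50  # the "X percent" by which old and new must differ


def difference_pct(old, new):
    """Percentage by which `new` differs from `old` (0 = identical).

    Compared case-insensitively so that only changing case does not count.
    The old password is available in clear text here because the user
    types it in during the change; it is never read back from storage.
    """
    ratio = SequenceMatcher(None, old.lower(), new.lower()).ratio()
    return round((1 - ratio) * 100)


def check_password(new, old):
    """Return every complexity rule with whether the candidate meets it."""
    return {
        f"at least {MIN_LENGTH} characters": len(new) >= MIN_LENGTH,
        "contains an uppercase letter": any(c.isupper() for c in new),
        "contains a figure": any(c.isdigit() for c in new),
        "contains a punctuation mark": any(c in string.punctuation for c in new),
        f"differs from the old password by at least {MIN_DIFFERENCE_PCT}%":
            difference_pct(old, new) >= MIN_DIFFERENCE_PCT,
    }


def unmet_rules(new, old):
    """Rules the user still has to satisfy, in display order."""
    return [rule for rule, ok in check_password(new, old).items() if not ok]


if __name__ == "__main__":
    old_password = "Summer2012!"  # constructed sample values
    for candidate in ("Summer2013!", "Violet-Kettle-47-Harbor"):
        print(candidate)
        for rule, ok in check_password(candidate, old_password).items():
            print(f"  [{'x' if ok else ' '}] {rule}")
```

The first sample shows why the difference rule matters: incrementing the year satisfies the character-class rules but differs from the old password by only 9%.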
 
4.    Let users reset their passwords themselves

As mentioned earlier, the introduction of complex passwords leads to an increase in the number of password reset requests to the helpdesk. To ease the burden on the helpdesk, it’s possible to let users reset their passwords themselves. Users identify themselves by correctly answering a number of personal questions (e.g. ‘What’s your mother’s maiden name?’) and can then reset their own passwords, without the intervention of the helpdesk.

A combination of these solutions means time-consuming registration procedures are a thing of the past and the helpdesk is relieved of the problems. Users benefit from maximum user-friendliness, while productivity rises.

For more information, please visit our website.
