
Sara Edlington

Freelance Technology Content Writer


16th February 2022 by SaraEdlington

A different approach to password security

My name is Sara, and I suffer from password overload. And I have a feeling your staff does too. It’s a security nightmare in the making.

So, what can we do? How about a counter-intuitive approach – use fewer passwords.

Less is more

A report from the Centre for the Protection of National Infrastructure and CESG (National Technical Authority for Information Assurance) suggests passwords are only used where they’re needed.

Other options to replace passwords include single sign-on, password synchronisation, biometrics, or hardware tokens. These might cost more, but they mean your system is more secure as you’re less at risk of a password being compromised.

And when you do use passwords, the report says: “The important thing is that your organisation provides a sanctioned mechanism to help users manage passwords, as this will deter users from adopting insecure ‘hidden’ methods to manage password overload.”

The report suggests using password managers or something physical like a secure cabinet. If that sounds a bit daft, let me tell you a quick story.

Old school style security for modern problems

A small company I worked with stored their admin passwords in a wall safe. In a pre-password era, someone had attempted to get into this safe using an acetylene torch. The thieves went away empty-handed because the safe’s door was so thick that even the acetylene torch couldn’t get through it.

This worked. The two staff members who had access to the safe would get the password they needed, enter it, then put it back in the safe. So yes, it relied on them being conscientious about returning the passwords to the safe. But most importantly, this system worked for this company.

And that’s one key to password success: a system that works for your staff. Password overload is a human problem, and it needs a human solution that is easy to use.

The safe story also raises two more points about passwords. First, the more difficult it is to get to your passwords, the better. Only the most ultra-determined hacker is going to spend hours of their time trying to get hold of them. They like to phish in more accessible pools.

The second point is that hackers can’t hack passwords that are stored in, say, a safe or off your connected network, unless they physically go to the location and rob the safe or get into the remote machine.

But how do you help your staff deal with password overload? I’ll have a look at a few ideas in the next post.

If you need marketing or learning content on passwords or cybersecurity issues, I can help.
