Let’s go passwordless, because passwords are bad! Part 1
Quite a statement: passwords are bad? Today I’d like to explain why you should improve security by using authentication methods other than just one password.
Why passwords are bad
Passwords are problematic: very often they fall into the hands of unpleasant people. Here are a few things that might happen to a password:
- Cracked
- Stolen
- Intercepted
- Eavesdropped
- Phished
- Reused
Most of the above are caused by human mistakes. Think of users writing their password down because the password policy is so strict, or selecting simple passwords like Summer2019. And then there is phishing: ever received an email from your bank saying that your account has been deactivated, or that you have received an important message?
Basically, passwords are in the way: people forget their password, or they leave or use it where they shouldn’t. Did you know that 81% of security incidents and break-ins are caused by leaked passwords? Also very interesting is the fact that on average 20% of IT costs consist of password resets. Who hasn’t received a phone call from an employee after a holiday saying that they forgot their password?
Complicating factors
The current techniques are improving fast. And with the cloud coming up, more complexity gets added. Think about federation, different usernames, certificates and Multi-Factor Authentication. This requires more and more from your end users. And in Europe, there is the GDPR, causing more headaches rather than simplifying IT management.
What to do about the passwords?
What are the options to simplify IT security for the end users?
- Start implementing Windows Hello for your company devices.
- Avoid user credential prompts by implementing Single Sign-On
- Transition to a passwordless environment (Single Identity management)
- Eliminate the password where possible
Not all of the options might (always) be possible, but you should at least do your utmost to reach this goal.
Next week I will look deeper into the solutions for going passwordless. So follow me on Twitter: #2azurenl / LinkedIn: Cor den Boer / Subscribe: www.2azure.nl (subscribe on the right)