Would you leave the door to your house unlocked if you weren’t home? Would you leave the keys in your car if you weren’t in it? I assume the answer to both these questions are “no”. Why would you want to leave your personal property unattended, when is there a chance something might be stolen? Similar questions can be asked regarding password management. How complex are your passwords? Do you feel as comfortable storing your personal and business information on your computer, as you do leaving your home locked and protected?
It seems like every other day there are new threats and reports of people being hacked and having their personal information taken. Having a secure and complex password is a way to combat this issue. An example of a strong password is one that has capital letters, numbers and symbols. You should have different passwords for various systems and applications. Always make sure the passwords are unique, lengthy and not easily guessed. Being able to reset your password on your own, with the use of secondary authentication methods is another way to implement extra measures to ensure the safety of your accounts.
Businesses are particularly vulnerable to employees and outside parties mishandling passwords. Private company information is stored throughout the organization on various files, systems and shares, so having a strong password management policy is especially important. Implementing password complexity rules and enabling end-users to reset their own passwords, is one way to enhance security measures.
Tools4ever offers a Self-Service Password Reset Solution called, SSRPM. SSRPM allows end-users to reset their own passwords based on a number of predefined security questions chosen by the organization. The employee will enroll in the product and answer a number of questions with personal information, which only they will know. When the time comes to reset their password, they will either go to the SSRPM Web Interface or click on the “forgot my password” link on the standard Windows logon screen. Once they initiate a reset, their questions will appear and they will only be able to reset if they answer their security questions correctly. By utiziling this method, the risk of fraudulent requests for password resets are mitigated and identity of the employee is verified.
Another way to enhance security is requiring end-users to enter a PIN Code in addition to their challenge questions upon reset. When the user goes to reset a password, a PIN Code will be sent either by text message or by personal email, this code will need to be entered accurately in order for the password reset to occur. By entering both the answers to the personal challenge questions and entering the PIN code, a company can be confident that password resets are only occurring by the users authorized to do so. This additional layer of security is known as two-factor authentication.
Standardized security measures are of the utmost important when trying to protect private information. To ensure that this data is secure, put a solution in place that will make it difficult for outside threats to access it. Remember the stronger the password, the stronger the security.