So, it’s finally summer, soon to be the hottest on record in the UK! Everyone’s ready for their holidays and cheerful in the thoughts of a much-needed break from work. As the saying goes; “I wish you a long enough holiday that you’ll forget your computer password”. To the average user this sounds amazing, a real break and time to unwind and forget about work. Unfortunately, to an IT admin this saying marks the start of a time period consumed with resetting and updating users’ passwords. An ongoing affair that reaches peak when people return from holiday or, for the more forgetful, once every week. This costs the company, and staff, valuable time and money, not to mention it’s annoying for both the users and the IT staff in tow.
It is very similar to our dealings with airport security. For instance, my friend who plays a lot of rugby happens to look like a Bond henchman. He has a broken nose, scraggly beard and a Stewie Griffin voice that just doesn’t quite fit his well-built exterior. Consequently, wherever we go he is seemingly always stopped by security due to his questionable appearance (like a smuggler or drug dealer). It’s gotten to the point where we take bets on how many times he’ll be stopped by airport security on a trip. Jokes aside, it can become infuriating. Both sides are only trying to do their job; security to keep everyone safe and him to successfully board the plane for his holiday. This is also the case for the example given above; users are just trying to log on to their account and the software that blocks them is only trying to keep hackers out.
A password is much like a passport; managed correctly it will give you access to what you need. For instance when entering a foreign country, your passport gives you access to visitation rights and privileges. In the past, a strong password has been the mainline source of protection to companies, beyond the weak versions such as; “Password1234”. While a passport documents and identifies the individual and their rights to join the country, a password identifies the individual and their rights to log in to the system. This has left systems open to easier account takeover through credential stealing. Unfortunately, passwords are still largely a main stay in our security network, opening the environment to fraudulent use to other parties, and requiring good password hygiene to be effective. Sometimes, even well automated alternatives, such as the facial recognition system at airports like Heathrow, simply cannot recognise you if it doesn’t match your passport picture enough. In my case I had to awkwardly explain my way through passport security due to having grown stubble and losing weight since the time my passport photo was taken.
There are now new technologies promising to remove issues of password management and help desk queries alike, saving time and money for all parties. The equivalent to having the bureaucracy updating a digital passport in the background for you to travel freely and uninterrupted; not sat awkwardly on the border line wondering what you did wrong, beyond losing weight and letting your stubble grow slightly.
So, what are you doing to deal with this? More people are looking to new vendors, such as Secret Double Octopus, to solve password related issues. Passwords are weak, as they rely on human weakness (we have to easily remember it), and as we all know, humans are the biggest security flaw. Secret Double Octopus takes passwords, and therefore human error, out of the equation. Here at Armadillo we can align you with vendors like them to help close off that chink in the chain of your security.
Written by: Ryan Short, Internal Account Manager at Armadillo.