It seems inconceivable that 9 out of 10 supposedly secure passwords are susceptible to breach. However, in May, 2013, Deloitte published a study in www.computing.co.uk titled "Ninety Percent of Passwords Are Vulnerable to Hacking". How could this be and how does this finding impact your enterprise password management strategy?
The root of the problem is complex. For starters, people tend to reuse their passwords over a number of networks and systems and base passwords on whole-word phrases. Why? Because it’s tedious to keep up with all of the password policy requirements on various systems, so it is much easier to keep it simple.
In fact, human behavioral tendencies around password resets are so predictable that hackers have identified established patterns around password creation, leaving countless secure networks highly vulnerable to breach. The study states that on average, users have 26 password-protected accounts, yet use only 5 passwords across those accounts.
Because different applications, systems and websites vary significantly on the efficacy of security policies, the password that a user generates for a gaming site and reuses for login on your network is cause for serious concern. This reuse creates a bridge for hackers to infiltrate your network, and it’s critical to proactively manage your corporate password policy risk.
The right enterprise password management software empowers you to take control of password management within your organization and protects you from a wide-scale breach resulting from an insidious infiltration on a single user’s account. The key is automated password reset tool that allows you to halt hackers in their tracks in real-time before they wield serious damage.
And it’s not just PC passwords that you need to worry about. With the infiltration of personal mobile devices in the workplace, the points of entry for hackers increase significantly. Mobile passwords are typically even less secure than what users generate on their PCs and therefore more dangerous.
While the statistics around password management vulnerability seem staggering, there are measures that you can put in place to keep a handle on enterprise password management and password reset policy enforcement.
It starts with automation. At Avatier we recognize how important it is for administrators to be able to react quickly and decisively around network security. And, we know that with all the outside threats lying dormant around password management that it’s essential to be able to both track and control passwords on a granular level and modify and delete user accounts in real time.
When there’s systemic risk, IT administrators need to be able to instantly lock down systems by immediately pushing through policy revisions throughout the password management system, including the cloud.
These enterprise password management software capabilities fortify you against the threat of password breach. And with 9 out of 10 of outside user accounts vulnerable — and creating a bridge to your networks — you need to be paying attention.
A proactive approach — and the right password management software solution — gives you the peace of mind that you need, and the security that your organization warrants. Don’t get hacked. It’s a horrible headache, completely preventable, and when it happens inexcusable.
Watch the video to see how senior security analysts at Gwinnett Medical Center discuss their active directory password reset success:
Learn the Top 10 Password Management Best Practices for successful implementations from industry experts. Use this guide to sidestep the challenges that typically derail enterprise password management projects.