As if corporate IT cyber security teams needed another headache, last Thursday, it was Yahoo that reported the theft of approximately 450,000 Yahoo user’s email addresses and passwords from their password management system. These were not just to Yahoo accounts, but those of other companies as well. The email information was stored on the Yahoo Contributor Network, a content-sharing platform.
Several technology news websites identified the hackers as the D33 Company, which stated they stole the unencrypted passwords through SQL injection — a commonly-used attack whereby hackers use rogue commands to extract data from vulnerable websites.
While the breach is not as serious as the numbers might indicate, since Yahoo reported just five percent of the identities taken from their passwords management system were associated with its customers, it is yet another wakeup call.
While reporting on the story, CNET’s Bridget Carey cited Declan McCullagh’s recent analysis of passwords, which found the most common password used today is “123456”. Other popular, but very weak passwords include the word “Password” and “NCC 1701”, which Trekkies will recognize as the registry of the Starship USS Enterprise. If you use that, you may live long, but you won’t prosper.
But weak passwords are just part of the issue. IT cyber security teams and IT help desks at organizations ranging in size from SMBs to enterprises (the corporate kind, not the starship kind) are already overburdened with user requests. IT cyber security increasingly relies on a password management system to address one area of frequent tickets: users locked out of their computers due to forgotten passwords.
Avatier’s Password Management™ provides a simple, elegant way to give users the flexibility they expect, while arming IT cyber security and help desk teams with the control they need to keep their network secure. Password Management is the newest piece to help IT cyber security and help desk teams manage the identity access and management (password IDM) puzzle through self-service password reset.
Password Management enables users to securely reset a forgotten password, unlock an account or reset an RSA SecurID PIN from the privacy and convenience of their workstation’s logon screen in a matter of seconds. It synchronizes a network password with the password safe stored locally in memory on a computer. IT cyber security and help desk teams can manage features such as leveraging semi-private personnel data to auto-populate user security authentication enrollment questions and set expiration dates, forcing the user to update these questions.
By turning to an automated password reset tool, IT cyber security and call center teams can help ensure users always have secure access to their information, while protecting users from themselves through features that promote enterprise password management best practices. To learn about Avatier’s password management system, watch the Avatier Password Management Product Introduction and the Password Management Password Reset Software Customer Testimonial videos.
Learn the Top 10 Password Management Best Practices for successful implementations from industry experts. Use this guide to sidestep the challenges that typically derail enterprise password management projects.