Risks of Password Management Tools
Banks, hospitals, and other businesses are requiring usernames and
passwords to gain access to their sites. Free e-mail sites,
newspapers and even game sites require usernames and passwords. Often
the requirement to use usernames and passwords is imposed to gain
marketing data; however, Federal and State legislatures are tightening
laws (see HIPAA regulations and the Gramm-Leach-Bliley Act) and
increasing criminal and civil penalties governing
unauthorized access to personal information, making usernames and
passwords mandatory just about everywhere.
The average web user can visit dozens of sites per hour, many of which
require authentication. The number of username/password pairs
the average surfer must remember is increasing dramatically.
The Solution?
Most users see the following as potential solutions:
- Use the same username/password identification (ID) for all sites.
- Use the site name as part of the ID.
- Write your site IDs down on a piece of paper.
- Use a "Personal Password Manager".
- Use the built-in "Remember Password" features on your browsers.
- Use a password service, such as Microsoft's Passport.
Surprisingly enough, a number of computer security experts advise
using the old-fashioned method -- write your site IDs down on a piece of
paper, and keep it in your wallet. If someone finds the paper,
they're unlikely to know what it's about -- especially if you have
used your own shorthand for web site names, user-IDs, or passwords.
Not the Solution
Although all of the above listed potential solutions have their
drawbacks, some of the biggest names in computer research are advising
users to steer clear of Microsoft's Passport service. Passport is
designed to allow Internet users to have a
single sign-on. A user signs up for the service, creates a username
and password, and that ID works all over the Internet. At least
that's Microsoft's hope.
The Federal Trade Commission settled charges with Microsoft over
complaints that Passport did not deliver on its promises. The Gartner
Group, a computer research firm, is recommending not only that
businesses stop accepting Passport connections, but also that they
notify any existing customers of the security problems.
The Solution!
For today's technophobes, it's probably the paper and wallet. For the
techies, have a look at Personal Password Managers. This isn't a
problem that's going to get
easier anytime soon.