Passwords are both the universal language for network navigation and the weakest link in network security, as fraught with peril as they are essential.

Experts say that because they are so closely linked to the ever-fallible human element, passwords cause the most headaches of any security mechanism. However, any enterprise, large or small, can take steps to minimize risk without resorting to cutting-edge and costly technologies like biometrics.

"The fact is that most people don't take the basic steps to protect their passwords, like changing them, so if passwords are a last line of defense, a network administrator has to take it upon himself to make sure it happens," Gartner vice president John Pescatore told the E-Commerce Times.

Security experts have long advocated forcing employees to reset passwords every quarter or even more often, especially if they are accessing sensitive data. However, passwords are already notorious at IT help desks, where lost passwords or locked-out employees absorb a considerable amount of valuable support staff time. More frequent password changes likely would increase the proportion of such calls.

[ Read more ]

Related items

• Article: How to Use Passwords Securely (22 April 2003)
• Article: Implementing Basic Security Measures (14 April 2003)
• Article: Cracking OpenVMS Passwords with John the Ripper (28 November 2002)
• Article: What makes a good Password? (13 November 2002)
• Article: A Note on Proactive Password Checking (24 September 2002)
• Article: Basic security with passwords (24 May 2002)
• Article: Passwords - The Weak Link (1 April 2002)