
The Paradox of Password Policies
When developing a password policy, it's important to consider the paradox of password security. A weak policy is inherently insecure, but an overly stringent policy will result in users breaking the rules by writing passwords down, sharing them, or storing them in an unprotected computer file.
It's a good idea to encourage users to change their passwords on a regular basis: if an attacker gets a hashed or encrypted copy of a password, the attacker can eventually recover it by guessing offline, and a password that has since been changed is worthless once recovered. Rotation therefore shrinks the window in which a cracked password is useful. One caveat a practitioner should weigh: current NIST guidance (SP 800-63B) recommends forcing a change only when there is evidence of compromise, precisely because of the side effects described next.
However, requiring users to change their passwords invites even more user fatigue: more passwords to remember, which invites rule-breaking, or more help desk calls to reset forgotten passwords.
Ideally a company could require employees to remember and properly use many strong passwords, resulting in optimal security. In reality, past a certain point, as the number and strength of required passwords increase, security begins to decrease because employees take shortcuts with their passwords. Requiring too many strong passwords therefore has the opposite of the intended effect on corporate security.
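To make the cracking step concrete, the following Python is added here as an example; it is not code from the post or from the vendor's products. It runs one small dictionary attack against a constructed hash dump stored two ways. The user names, passwords, salts and wordlist are all invented for the example. With unsalted SHA-256 every guess is checked against all users at once; with a per-user salt and a deliberately slow KDF (PBKDF2-HMAC-SHA256) the attacker pays one slow derivation per user per guess. That extra cost is what gives rotation time to matter, and a password that appears in no wordlist (bob's, below) survives either way.

```python
import hashlib
import hmac

# Constructed sample data: a "leaked" credential table and a tiny attacker
# wordlist. Users, passwords and salts are invented for this example.
WORDLIST = ["123456", "password", "P@ssw0rd", "Summer2024!", "letmein"]

# Scheme 1: unsalted SHA-256, the kind of dump that falls quickly.
LEAKED_UNSALTED = {
    "alice": hashlib.sha256(b"Summer2024!").hexdigest(),
    "bob": hashlib.sha256(b"correcthorsebatterystaple").hexdigest(),
    "carol": hashlib.sha256(b"P@ssw0rd").hexdigest(),
}

# Scheme 2: per-user salt plus a slow KDF (PBKDF2-HMAC-SHA256). The iteration
# count is kept low so the example runs in seconds; raise it in production.
ITERATIONS = 100_000


def derive(password: str, salt: bytes) -> bytes:
    """Derive the stored verifier for one password under one salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


LEAKED_SALTED = {
    "alice": (b"salt-alice", derive("Summer2024!", b"salt-alice")),
    "bob": (b"salt-bob", derive("correcthorsebatterystaple", b"salt-bob")),
    "carol": (b"salt-carol", derive("P@ssw0rd", b"salt-carol")),
}


def crack_unsalted(leaked, wordlist):
    """Dictionary attack on unsalted hashes. One hash per guess, and a reverse
    lookup tests that guess against every user at once.
    Returns (cracked {user: password}, number of hash computations)."""
    reverse = {digest: user for user, digest in leaked.items()}
    found = {}
    work = 0
    for guess in wordlist:
        work += 1
        digest = hashlib.sha256(guess.encode()).hexdigest()
        if digest in reverse:
            found[reverse[digest]] = guess
    return found, work


def crack_salted(leaked, wordlist):
    """Same wordlist against salted PBKDF2 verifiers. The salt forces a separate
    derivation per user per guess, and each derivation is slow by design.
    Returns (cracked {user: password}, number of KDF computations)."""
    found = {}
    work = 0
    for user, (salt, digest) in leaked.items():
        for guess in wordlist:
            work += 1
            if hmac.compare_digest(derive(guess, salt), digest):
                found[user] = guess
                break
    return found, work


if __name__ == "__main__":
    found, work = crack_unsalted(LEAKED_UNSALTED, WORDLIST)
    print(f"unsalted SHA-256: cracked {sorted(found)} with {work} fast hashes")
    found, work = crack_salted(LEAKED_SALTED, WORDLIST)
    print(f"salted PBKDF2:    cracked {sorted(found)} with {work} slow derivations")
```

Both runs crack the same two accounts, because the same weak passwords are in the wordlist either way; the difference is the cost per guess. Against the unsalted dump the attacker spends five fast hashes for the whole table, while the salted, iterated scheme costs twelve slow derivations for three users and a five-word list, and that cost grows with users multiplied by guesses.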
Click the button below to download an eWeek podcast in which Bill Carey, our VP of Marketing, discusses The Password Management Paradox as well as several potential password management solutions.