Password Management Overview

An effective password management policy is critical to secure your IT environment. Combine password formation and usage best practices with tools that promote attack resiliency to ensure that your systems are protected.

The overall security level of an enterprise is the sum of many security foundation elements: strong perimeter ./res/defenses, the proper configuration of system resources and effective controls for resource access. Protecting application and data resources requires, among other things, authenticating the people that access those resources. In turn, the integrity of the authentication process depends on uncompromised, secure passwords. IT security directors can manage passwords effectively, and thus better secure the IT environment, by following these best practices.

Deploy password management technologies and technical safeguards.

The operational implementation of a password management policy requires the deployment of technologies that reduce user and administrative burdens, as well as techniques that protect passwords from internal and external attacks. Password synchronization and single sign-on technologies can significantly reduce the password management burden. Self-service password reset technologies can dramatically reduce the volume of help desk calls relating to passwords. Finally, IT security organizations must understand the different internal and external attacks against passwords and users, and implement technical safeguards.

You didn't make a mistake when you forgot your password; however you were largely mistaken when you failed to use password management software that allows you to login to all of your web-based accounts automatically without having to type the login and password information. With the password manager, there is no need to remember passwords as they are retrieved from a secure password database and submitted automatically. Still, if you need to actually see your passwords, you can always find them in your personal passwords database.

IT security organizations that implement these policy and technology best practices will achieve a required foundational element for a secure IT environment: effective and efficient password management.