Password Synchronization

Password synchronization is any process that helps users to keep the passwords that they use to log into different systems the same. There is some debate as to whether password synchronization makes systems more secure, or less. The arguments are as follows:
Synchronization reduces security:
If a single system is very insecure, then compromising that system will give an intruder the passwords for every other system in the network. This is prevented by requiring users to use different passwords on different systems.

Synchronization improves security:
Users with many passwords have trouble remembering them, and consequently write them down. System security is reduced to the physical security of a piece of paper -- i.e., almost no security at all.

In practice, it is hard or impossible to prevent users with unsynchronized passwords from writing them down. The two scenarios (synchronized vs. different passwords) therefore boils down to:

  • Synchronized passwords: as secure as the least secure system on the network.
  • Unsynchronized passwords: reduce protection to that provided by slips of paper.

Since most systems make at least some effort to protect their passwords, synchronized passwords are more secure. To mitigate the risk of a single system compromise being leveraged by an intruder into a network-wide attack, there are some password management guidelines to follow:

  • Very insecure systems should not participate in a password synchronization system.
  • Synchronized passwords should be changed regularly.
  • Users should be required to select strong (hard to guess) passwords when synchronization is introduced.

The bottom line is that a single, hard-to-guess, regularly changing password is more secure than multiple passwords, some of which may be easy to guess, some of which may not be changed regularly, and all of which may be written down.