Audio Blog: Challenges of Password Management and Best Practices
Employees face a daily challenge: having to access multiple systems and applications throughout the day, such as unlocking a Windows desktop, logging into internal and external web resources and applications, and accessing a UNIX server and the employer’s VPN technology.
And, oftentimes, each system and/or application requires different credentials for authentication.
There are some employees who have no problem remembering different usernames and passwords. And then there are those that give it three tries before they’re locked out and start harassing the Helpdesk. And… a few choose to rely on the good old post-it note they stick on their monitor, openly and publicly. Uh oh… do I hear “account to be compromised…?”
To make matters worse, IT departments require employees to choose complex formats for their passwords… you know, between 8 and 16 characters long, with at least 1 uppercase letter, 1 number, and/or 1 special character, and they also require that it be changed every 30 or 60 days. For many folks out there, those requirements, compounded by multiple systems, can be overwhelming, hence the infamous post-it notes.
This ecosystem creates inefficiencies such as loss of productivity and increased costs. Did you know, for example, that replacing one password can cost up to $70? Yes, that’s what it can cost in human capital and machine resources to handle one password reset request.
Now, to keep accounts from being compromised because a password was accidentally “stolen”… Because, it’s always accidental, isn’t it? All sarcasm aside, to strengthen the level of user authentication, many organizations have implemented two-factor authentication or even multi-factor authentication solutions. You know, that’s when you submit your username and password and then you receive, for example, a text message prompting you to enter a code online. Those solutions certainly make it slightly harder to compromise an account; however, they’re not foolproof. At the end of the day, any hacker can steal a username, a password and a mobile number stored inside a company’s centralized system.
So, to mitigate the risk, biometrics have been added into the mix. And you’re all aware of what those are: Touch ID, Face ID, and for some of the more advanced ones, iris recognition. A login page, a QR code to scan from a mobile application, a biometric-based authentication, and the employee is in! No more username and password needed. The mobile phone is something the employee has and the biometric data is something the employee is.
There are quite a few passwordless solutions out there, and they have definitely brought users a significant level of convenience. Now, if I were a Chief Information Security Officer and one of their clients, what should be my number one priority? Come on… Yes: SECURITY! I would want to make sure that my employees’ information, including their biometric data, is securely stored. And THAT’s a major advantage we at 1Kosmos have over our entire competition. Our competitors store data in a non-encrypted form, so they are at the mercy of any decent hacker. At 1Kosmos, we store users’ data ENCRYPTED in a distributed ledger. If you’re somewhat familiar with Blockchain technology, you know that it is virtually impossible to compromise. Combining biometric data and Blockchain technology gives our clients confidence that 1Kosmos and data breach are mutually exclusive.