TMCnews


TMCnews Featured Article


June 14, 2011

Ways to Improve Your Password Security Through Password Reset Software

By David Sims, TMCnet Contributing Editor


Password reset software is a hot topic now, and as crucial and important as passwords are as a central security mechanism, as Jacqueline Leclair, manager of IT consulting at Baker Newman Noyes wrote in a recent blog post, “They can be fairly easy to crack or guess.”

And the thing is, as far as password reset software measures are concerned, it only requires users to take a few precautions to help prevent this from occurring.

Leclair explains that password parameters are frequently secured at the system level, but “this does not usually prevent the end user from creating a password that is fairly weak.” You know -- your first name with “1234” tacked on. Nobody’s ever thought of that one before. With increased risks associated with password security, and with such services as password reset software so handy, the need for end-user training is crucial here.”

There are, as she says, lots of ways of cracking passwords. One of the simplest is simply a word list or dictionary program to break the password. These use a word list or character combination, she explains, “and compare it against the password until they find a match.”

Or a bit more trickery could be involved. Someone could make a phone call to an end user impersonating a help desk technician or someone can simply take a password they see written on someone’s desk. No, we know you’d never be so careless, but there are those who would.

“Making sure your password is constantly protected is something every business must be aware of. If you do in fact need to change your password, password reset software helps make the process much simpler for the user,” wrote TMCnet recently.

“There are many different types of password reset software on the market today. One type of software available is self-service password reset, which is a technology that lets users who have either forgotten their password or have been locked out of their account repair their own problem, without calling the help desk,” the website advised.

Leclair recommends the following checklist as steps to utilize in order to create a quick and useful training session and increase your system’s overall security:

  • Do not use dictionary words, proper nouns, or foreign words within a password.
  • Do not use personal information such as your dog’s name, child’s birth date, or town of residence.
  • For systems that have limitations to what password parameters can be set, educate the user to follow the desired length, complexity, and other factors.
  • Educate users on ways to remember passwords, such as using the first letter of each word in a phrase they can remember.
  • Educate users on common social engineering approaches and help prevent users from being fooled by fraudulent social activity.                                               

David Sims is a contributing editor for TMCnet. To read more of David’s articles, please visit his columnist page. He also blogs for TMCnet here.

Edited by Jamie Epstein