1 / 12

First Thoughts On Password Management

First Thoughts On Password Management. Technical Study G roup April 2011. Agenda. Risks to websites and PC files Components of password management policy Password management systems Password management software - criteria Determinants of password management policy

mira
Download Presentation

First Thoughts On Password Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. First Thoughts On Password Management Technical Study Group April 2011

  2. Agenda • Risks to websites and PC files • Components of password management policy • Password management systems • Password management software - criteria • Determinants of password management policy • Assessing exposure levels • Proposed password management policies • Password management software - examples Steve Pearce - Betaplus Club April 2011

  3. Risks to Websites & PC files • PC file not password protected or encrypted • PC file or Website password forgotten • PC or Web password found/broken by hacker • From home PC if stolen • From laptop if lost or stolen • From mobile device if lost or stolen • From infected public computer • From website of service provider (bank, retailer etc) Steve Pearce - Betaplus Club April 2011

  4. Screen clipping taken: 06/04/2011 03:31 Steve Pearce - Betaplus Club October 2010

  5. Components of Password Mgt Policy • Choice of passwords • Strong, memorable, duplicated, when changed? • Choice of password management system • Choice of access points for critical websites • Home PC, laptop, mobile, public PC? • Choice of location for critical PC files • Credit/Debit Card policy Steve Pearce - Betaplus Club April 2011

  6. Password Management Systems • Hard copy – notebook, Post-It notes etc • Internet browser password memorisation • Protected data file on PC or Cloud • Personal code for password generation • Password management software • PC based • Cloud based • Mobile device based Steve Pearce - Betaplus Club April 2011

  7. Password Mgt Software - Criteria • Feature set • Password generation • Automatic password entry • Portability (laptop, mobile device, web access) • Ease of use / Help and support • Security • Unbreakable master login • Encryption • Backup capability • Integrity of Supplier Steve Pearce - Betaplus Club April 2011

  8. Steve Pearce - Betaplus Club October 2010

  9. Establishing Password Mgt Policy Depends on combination of: • Exposure level of file or website • Required locations for PC files • Home PC, laptop, mobile device PC? • Required access points for websites • Home PC, laptop, mobile, public PC? • Sophistication of your PW mgt system Steve Pearce - Betaplus Club April 2011

  10. Assessing Exposure Levels Steve Pearce - Betaplus Club April 2011

  11. Proposed PW Mgt Policies Steve Pearce - Betaplus Club April 2011

  12. Password Mgt Software - examples • Passwords Plus • http://www.dataviz.com/products/passwordsplus/pwp_features.html • Roboform • http://www.roboform.com/ • Password Safe (Android) • https://market.android.com/details?id=uk.co.kuffs.free.passwordsafe&feature=search_result Steve Pearce - Betaplus Club April 2011

More Related