Password Management Concepts and Best Practices
Read more:
- Best Practices for Challenge/Response Authentication: Constructing secure, usable policies for challenge/response authentication.
- Choosing Good Passwords: This document presents a plain-language guide to security threats posed by password cracking software, and how to apply good password rules to prevent security compromises.
- Password Policy Guidelines: Guidelines for secure password management, including policy on composition, transmission and aging of passwords.
- Password Management Best Practices: Best practices for enterprise password management. Classifies security threats and discusses practical strategies to counter password guessers, packet sniffers, sticky notes and more.
- Integrating Password Management with Single Sign-On: Integrating Password Management with Single Sign-On.
- Password Management for Mobile Users: Managing passwords for mobile users is more challenging than managing passwords to network-attached users. Challenges include managing local passwords on thousands of workstations, coping with cached credentials and supporting mobile users who forgot their initial workstation sign-on password.
- Password Management for ISP Subscribers: As ISPs scale to hundreds of thousands and millions of end customers, the cost to support repetitive problems such as password resets rises to significant levels, reaching millions of dollars annually. This document describes password management specifically for ISPs.
- Business Case for Password Manager Purchase and Deployment: Sample business case for justifying purchase and deployment of Password Manager.
- Password Reset for Locked Out Users: An objective comparison of alternate strategies to addressing the problem of helping users that forgot their initial network login password.