Cyber Access Control | MFA Enterprise Password Management | Access Smart

Passphrases are NOT Secure Passwords

With all the news articles regarding the cyber-attacks by Anonymous, China, India and the release of the weak passwords employees’ use, some “security pundits” recommend the use of “passphrases” instead of passwords. However, I have to pop their balloon in that without secure management a passphrase is no more secure than any other random password. Here’s why…

Let’s say you came up with the passphrase “The Cow Jumped Over The Moon”. Then you implement some clever moves to make it more difficult by reversing and adding in number substitutions to create, “n00MehTrev0depmuJw0CehT”. To make this secure passphrase convenient to use you may write it on a post-it note, save it in a spreadsheet file, use the same phrase for multiple accounts, etc. This is where most password security falls on its face.

The winning strategy has to be a combination of a single strong, unique password for every account and a secure means to store and manage those passwords. A password manager has to protect against physical means of attack such as over-the-shoulder-surfers, social engineering and desktop snooping, as well as cyber-attacks like phishing, viruses and pharming.

Power LogOn® by Access Smart® has been delivering multi-factor authentication, smartcard-based password management solutions for years. Users are able to store multiple passwords on a single smart card, no passwords are ever stored within a computer that others can access, and when the card is removed from the computer no critical logon data is left behind on the computer. If the card is lost or stolen all the passwords are protected because the card authentication includes a limited number of false entries before it is locked and needs IT assistance. From the users perspective a lost card is easily recoverable without having to change all your passwords.

Users passwords need to be de-centralized and always in the possession of the user. Power LogOn is being used by individuals, small businesses, and large enterprises. So don’t wait for Windows 8 to think you can securely manage your passwords, implement today and protect your data. Complex passwords are recognized as the way to secure accounts. Power LogOn allows individuals and businesses to securely manage all those passwords and for IT to be put back in control of logon security.