Making Passwords Secure: Missing the Weakest Link in Cybersecurity


Yes, Passwords are Secure! They are not going away; they can’t. The attacks we see daily are not a password authentication problem, but rather a password management nightmare. Has your organization put its employees into the role of Network Security Administrator? If you allow them to generate, remember, type, manage and know their logon passwords, then IT has delegated network security to the employees.

There are so many errors, misconceptions and lies about password security. Here are five basic truths:

  • Passwords are a secure method for cyber authentication.
  • Passwords are not going away anytime soon.
  • When passwords are managed like private keys, then they are just as secure.
  • Private keys, symmetric keys and biometric templates are only glorified passwords.
  • All those crazy schemes to help users remember and generate passwords actually make them less secure.

For years I have been arguing for password security. Well, I have now written a book that sets the record straight, debunks many of the false beliefs about passwords, and explains the SIMPLE TRUTH about Multi-Factor Authentication. Plus, I introduce a whole new security infrastructure: Password Authentication Infrastructure (PAI).

If you want to learn the truth about passwords, check out my book: Making Passwords Secure: Fixing the Weakest Link in Cybersecurity on Amazon.com. Here is the introduction of my book to give you a glimpse as to what I discuss.

Introduction

The information in this book is a game changer for both businesspeople and technical people. Business owners, corporate officers, agency managers, and financial decision makers will gain a high-level understanding about what the IT administrator or Chief Information and Security Officer (CISO) worries about and needs in order to protect the business.

The CISO, IT Administrator, and other technology recommenders will gain a greater appreciation for what the business side must have to create purchasing approvals and be better able to communicate what they need, without bogging the business folks down with tech speak.

By arming you with targeted information to make informed decisions about cybersecurity technology, this book is designed to help you implement the best security solution for your organization, become a hero in the boardroom, and protect against a security breach that would seriously damage your company.

It is essential for everyone to understand the one link in your company’s computer security chain that is the most ignored and overlooked hole in cybersecurity:

User Authentication and the Management of Passwords.

There are those in the computer security industry who claim that passwords are dead. They are wrong. You’ll learn why in Chapter 1. There are those who believe passwords are insecure. They, too, are wrong. That’s in Chapter 2. There are those who claim that certificate-based authentication is super-secure and is the only way to protect data. They are only partially correct because certificates are not as strong as they would like you to believe. That’s in Chapters 3 and 7. In Chapters 4 and 5, you will learn how many companies, even ones with extensive backend security, could be leaving their virtual front door unlocked. And if anyone ever tries to convince you there is no way to calculate cybersecurity’s Return On Investment, have them read Chapter 9. Finally, Chapter 10 will give you a step-by-step plan to implement the right cybersecurity infrastructure for your situation. These are just a few reasons to read this book.

The many mistaken and incomplete understandings about cybersecurity that are commonplace today drove me to write this book. The truth in this book may not set you free, but it will save you time, money, and valuable resources.

In November 2014, I was invited by a very large computer software company to learn about their newest product and the latest security features they had implemented to protect their customers’ information. While the presenter spoke, I sat quietly listening and nodding, but expressing no excitement or praise for what they were conveying. Afterward, the presenter came over to me and asked me point-blank if I was impressed with what they had done. I told him I was impressed, but I had one simple question. The conversation went something like this:

Dovell: “How do you log in to your software?”

Presenter: With a confused, but also ‘you’re an idiot’ look on his face, he said, “With your computer.”

Dovell: “Yes, I understand. But how do you log in to your software?”

Presenter: In a perturbed voice, he said, “With your user account information.”

Dovell: “Right. That’s great. But how do you log in to the software?”

Presenter: Now, in a tone of almost pure disgust and a ‘Why am I wasting my time with you’ attitude, he said, “With your user name and password.”

Dovell: “Exactly! And as soon as my password is stolen, all that amazing backend security no longer matters.”

That was the moment when he finally understood the importance of secure authentication. The software was Microsoft’s Azure. From that meeting I worked with Microsoft to put out a press release on how our Power LogOn® and Azure secure your data from fingertips to storage.

Cybersecurity needs to start when the computer is first turned on. If just anyone can turn on your computer, all security bets are off. If you wait until the user is past the firewall to authenticate him, you are too late.

As the owner, manager, or chief officer of a business or agency, you are responsible for funding cybersecurity investments. If you don’t understand what you are buying and why you need it (or don’t need it), then how can you know if you are making the right choices?

According to the National Cyber Security Alliance, forty percent of small- to medium-size businesses are victims of a cyber breach. Sixty percent of those SMBs go out of business within six months. And while large enterprises may be able to weather an attack, they will spend hundreds of thousands to millions of dollars in damage control and trying to shore up their computer networks. Even then, money cannot solve all the issues of a successful data breach.

No matter what size business or agency you are dealing with, this book will lead you step by step along a path to protect your data, your company, and yourself by understanding and building secure, trusted identity authentication. That trust begins by first… Making Passwords Secure.

Find out more right now, and please share this post however you like to share good news! 🙂

Remember to be Access Smart,

Dovell
