Thoughts on Modern Day Password Management

by Carl Herberger

Will we always be talking about Proper Password Management?

In light of the recent compromises to Yahoo, I thought I would change gears a little from my normal blog focus and spend a moment on the topic of “what enterprises could be doing to better protect passwords from hackers.”

Today, the password problem has taken on a new slant for the security professional, while the business problem remains constant.

Fundamentally, a business must ask the following question:

Do you care about the availability, confidentiality and/or integrity of “our” IT systems or data? (Note: If the “IT systems or data” is your business, you can replace the whole question with the more existential and rhetorical question of “Do you care about your business?”)

If your answer is “Yes” to even a portion of that question, passwords are necessary. Why?

