Best Practices in Password Management and User Training

The perennial problem of password management is still proving a major headache for end users and the problems are only getting more complex - especially as companies start to weigh up the pros and cons of updating systems to work with newer forms of authentication. Phil Young, head of IT operations, Amtrak Express Parcels, told silicon.com password management remains a "nightmare" issue for many businesses. And he said it's "a very big issue and becoming bigger by the year", branding human-error activities such as writing down passwords as "a recipe for disaster".

John Odell, group IT director at BBA Group, said a lot of time and money is still being wasted by businesses responding to end user problems, such as having to reset passwords. He said: "This can be a big, expensive distraction from more productive work." But it's also a major balancing act between ease of use, security and acceptable risk which must be overcome. Odell said: "It's firstly a case of education and training. Fifteen or 20 minutes spent explaining to users password risks and how to deal with them sensibly, with regular reinforcement, would solve most of the basic problems. But how many organisations take the time? Firmer discipline would underline the message."

The link for this article located at silicon.com is no longer available.