Password Management Best Practices
- Self-service - Anywhere:
Explains how Password Manager addresses the login problems experienced by mobile users with full disk encryption, cached credentials, smart phones, smart cards and tokens.
- From Password Reset to Authentication Management:
The evolution of password management -- from simple password reset to enterprise-scale management of all credentials.
- Password Management Best Practices:
Best practices for enterprise password management. Classifies security threats and discusses practical strategies to counter password guessers, packet sniffers, sticky notes and more.
- Password Policy Guidelines:
Guidelines for secure password management, including policy on composition, transmission and expiration of passwords.
- Challenge/Response Authentication:
Constructing secure, usable policies for authenticating users who forgot their password by asking them to answer a series of security questions.
- Password Reset for Locked Out Users:
An objective comparison of alternate strategies to addressing the problem of helping users that forgot their initial network login password.
- Password Manager Deployment Best Practices:
Outlines best practices for designing, installing and rolling out Password Manager to an enterprise-scale user population.
- Password Management Project Roadmap:
A roadmap for password management projects, starting with a needs analysis, through requirements and product selection, and including deployment and ongoing management of the system.
- Integrating Password Management with Single Sign-on:
Compare and contrast password synchronization, password reset and enterprise single signon (SSO). Describe installation conflicts and integration points between these different technologies.