Hitachi ID Systems, Inc.

Hitachi

Overview Password Problems

Headlines

Hitachi, Ltd. acquires M-Tech Information Technology, Inc. ... More»

Problems in Managing Too Many Passwords

Managing multiple passwords is complex. This complexity produces usability, security and cost problems.

Users often have too many passwords. Each password may expire on a different schedule, be changed with a different user interface and be subject to different rules about password composition and reuse.

Some systems are able to force users to select hard-to-guess passwords, while others are not. Some systems require that users change their passwords periodically, while others cannot enforce expiration.

This complexity leads users to try to select trivial passwords, to avoid changing their passwords and to write down their passwords. When users do not violate security policy in any of these ways, they forget their passwords and generate significant help desk call volume.

Password problems are a top problem at most IT help desks, frequently accounting for 25% or more of the total volume of IT support calls.

Passwords are certain to remain in widespread use for a long time. Other authentication technologies, such as biometrics, smart cards and two-factor tokens, typically rely on passwords as either a second authentication factor (e.g., biometric plus password; token plus password/PIN) or as a backup authentication factor where the primary method is inaccessible (e.g., use a backup password instead of a smart card where a reader is unavailable).

Consequently, it's important to address password management problems: they are not likely to go away as other authentication technologies are deployed.