A password is like your underwear. Change it frequently, don't share it with others, and don't ask to borrow someone else's.
—Unknown
Passwords are the keys to your system’s locks. Without good passwords, you have no security. Unfortunately, few users (and bosses) understand that you don’t need to hack a system (from inside or Internet) if you have a password. So they choose poor passwords, never change them, share them freely, and rationalize their behavior with several foolish myths.
My co-worker needs access to my e-mail, calendar and data, so I need to share my password. Wrong. Your file server and mail server provide several efficient ways to grant others selective or complete access; some are self-service! Consult your system administrator. Best of all, it’s much easier for co-workers to access your data on their system under their user account than to have to log on elsewhere as you.
You’re an administrator; you have access to everything. Why shouldn’t I tell you my password? Accountability. Some operations leave an audit trail to later determine who did what and when. If your administrator knows your password, he or she can impersonate you. Thus, your administrator doesn’t want to know your password because he or she becomes a suspect if a user wreaks havoc. That’s why network software is designed so that administrators cannot view user passwords.
I have nothing to hide. Well, good for you! But, even if you didn’t create it, even if it’s not in “your” folder, if there is any data to which you have access that outsiders should not see, you need a strong password, and you need to keep it a secret. If you still think you have nothing to hide, check with all your co-workers before compromising their data. Some will likely object. All data (even yours) becomes sensitive when the wrong person (competitors, vendors, etc.) sees it.
When you dig into it, as any system administrator must, you find network security is surprisingly subtle and complex. And it grows ever more so with every new hacking technique, virus and employee termination. There are many more reasons why you need to protect your password than could be covered in this newsletter. This just scratches the surface. Unless you understand all the consequences, do not compromise your system's integrity by sharing your password.
Security is only as strong as its weakest link. Don’t let it be your password.
We are pleased to announce that F. C. Designs has engaged JRVsystems to provide system administration and custom software.
©2012 JRVsystems. All rights reserved.