Managing Passwords, Securely

I recently wrote about the desire, by many, to see the death of passwords.  All negatives considered, if passwords go away, it won’t be because people don’t like them but because they lose their efficacy and cost proposition (they’re effectively free, transportable, satisfy the “something you know” criteria, and they’re easy to replace).

The Death of Passwords

Password Management

 

Good enough.

It’s not a concept most people associate with information security people or the approach to information security but it is something we in information security desire.  We don’t want to overburden ourselves with unnecessary work or even management of controls.