Store and share enterprise passwords securely

Should organizations use password safes to store and/or share enterprise passwords?

In spite technology improvements with applications using biometrics and strong authentication, the « classic » password remains the most common method for protecting access to enterprise data.

Today, with the multiplication of applications including Web, B2B, B2C, banks, devices, social media and e-commerce sites, the number of passwords to manage and maintain for each individual for each application is multiplying exponentially even as the associated risks of having a weak password are increasing.

With all the recent high profile successful hacker attacks on e-commerce, banking and government sites, it is becoming clear that we need to employ passwords which are more complex and if possible unique for each application accessed.

How can we create more secure passwords and remember them ?
 

The length of the password is perhaps the most important criteria in a strong or hard-to-crack password, with 15 characters being the length recommended by security experts. In addition, regular password changes, the use of special characters and numbers are also highly recommended.

Therefore the problem becomes, "How do we remember several dozen unique long passwords which are changed regularly?" This is an impossible expectation for most users who then look for a secure place to store them.

When functional accounts are shared among people or teams, such as administration accounts, it is necessary to find a method of sharing the password which is safe and efficient.

Today, users are adopting their own personal password saving «solutions» including creating an Excel spreadsheet protected by a password or using personal telephone «Apps» like KeePass, pwsafe and many other personal convenience tools.

These solutions are workable but far from optimal. The administration and the sharing of passwords are not auditable and granular. If a person with important access and management access gets run over by a tram, the passwords to manage many mission-critical systems may disappear to the organization and the access may need to be painstakingly recreated.

SecureWinBox is a web-based solution which makes it possible to keep, manage, share, audit, transport and generate passwords within organizations. The password store is kept safely on premise on an enterprise server. If an employee leaves an organization for any reason, it is easy to find all the systems where he had access and change only those passwords to keep them secure.

The principle behind the solution is very long AES keys which encrypt individual “Safebox” storage vaults. Then, each user receives an “instance” of the AES key encrypted with his own public RSA key. If a Safebox is shared, the user receives an instance of the AES key which is encrypted with his own public key.

In this way, each user will use his own personal key to access the Safebox.

Let us know if you would like to evaluate the solution. It is easy to install and use from a PC or a smartphone.

Sign Up To Our Newsletter