Passwords are useful, but even strong passwords have shortcomings. Given enough time, they can be figured out. To be really secure, passwords must be changed more often in high-risk organizations. This means that you must have a new strong password for logging in to the system every month or so.
Eventually, there is a limit to how many passwords a person can remember. Furthermore, if a password is compromised, the attacker can have free rein in the network, and it may be difficult to catch the intruder, who appears “authorized” to be there with a legitimate username and password. Therefore, we need something more than just strong passwords.