Page 32 - index
P. 32
Automate the Resetting of Windows Passwords
By Derek Melber, Technical Evangelist, ManageEngine
Managing and protecting passwords has become a high profile concern due to many recent
password attacks on the Internet and within corporations. We were all affected by one of the
recent account and password compromises with Heartbleed, iCloud, Yahoo, Google, Twitter,
Sony and the U.S. Postal Service. When accounts are compromised, it is essential for users to
change their passwords to protect continued access to the account.
Compromised accounts are, however, just one of the issues that computer users are concerned
about. User account passwords within corporations can also be a burden due to the
requirements on password length, complexity and reset interval. When these requirements are
too stringent, users are left with limited options. Users feel they either need to write their
passwords down or try to remember them, knowing they will forget them most of the time. Given
these common and consistent password issues, it is time to consider more secure, more
efficient and more cost-effective solutions for resetting Windows-based passwords.
Passwords Provide Access
All corporate employees who use a computer are familiar with the requirement of inputting a
username and password in order to access their computers. Whether the computer is a desktop
or laptop, inputting a correct username and password is the only means by which the employee
can access the computer.
Within a corporate, Windows-based network, the username and password provide access
beyond just the computer itself. The user account credentials are required to gain access to
network resources such as data, applications, email, the intranet and even an avenue to the
Internet.
The password is the most important aspect of the user account credentials, as the username for
nearly every employee may be known due to obvious naming conventions. When all user
accounts use a username with the format firstname.lastname, it is simple for someone to know
every username for every employee. This leaves the password as the security barrier between
a computer hacker and the resource.
If the password is forgotten, the access to the network resources is denied because the
employee is unable to log on to the computer. On the flip side, if the password is long, strong
and hard for a computer hacker to obtain, the network resources are better protected.
32 Cyber Warnings E-Magazine – January 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
