Password is the most common method for users to authenticate themselves when entering computer systems, networking infrastructures or websites. It acts as the first line of defense against unauthorized access, and it is therefore critical to maintain the effectiveness of this line of defense by rigorously practicing a good password management policy.

i-2

IRASS

iRASS (Identity Remote Access Security Server) is a lightweight client software that manages the communication between the client and the target...

LEARN MORE
i-3

OTP

OTP (One Time Password) is a 2 factor authentication (2FA) and the mobile is available on both Google Play Store and Apple App Store...

LEARN MORE
i-4

ORISS

ORISS offers the integrated OTP authentication and RADIUS authentication capabilities in a single solution. With the additional built-in...

LEARN MORE

Did You Know ?


Security Threats to Password Management

Denominator of the password-based access control


Brute-force attack

An attacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.

Sniffing attack

A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key. Unencrypted password could be captured when send over a network.

Man-in the-middle attack

As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. Man-in-the-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you because the attacker might be actively replying as you to keep the exchange going and gain more information. A form of eavesdropping where communication between two users is monitored and modified by an unauthorized party.

Advanced Persistent Threats

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization. Well-coordinated and sophisticated targeted attack to steal sensitive information.

Security Threats to Password Management

Denominator of the password-based access control


Brute-force attack

An attacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.

Sniffing attack

A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key. Unencrypted password could be captured when send over a network.

Man-in the-middle attack

As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. Man-in-the-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you because the attacker might be actively replying as you to keep the exchange going and gain more information. A form of eavesdropping where communication between two users is monitored and modified by an unauthorized party.

Advanced Persistent Threats

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization. Well-coordinated and sophisticated targeted attack to steal sensitive information.

Enterprise passwords are the keys to your IT kingdom.
Guarantee your Password Security with SecureKi

Need Visibility & Control ?