Password is the most common method for users to authenticate themselves when entering computer systems, networking infrastructures or websites. It acts as the first line of defense against unauthorized access, and it is therefore critical to maintain the effectiveness of this line of defense by rigorously practicing a good password management policy.

Single Sign On Management Solution Services Provider Malaysia
i-11

APPM

Single Sign On Solution malaysiacredential management solution provider

APPM solution manages privileged and shared account passwords (root, administrator, public accounts) by changing the password regularly and...

LEARN MORE
i-2

IRASS

iRASS (Identity Remote Access Security Server) is a lightweight client software that manages the communication between the client and the target...

LEARN MORE
i-3

OTP

OTP (One Time Password) is a 2 factor authentication (2FA) and the mobile is available on both Google Play Store and Apple App Store...

LEARN MORE
i-4

ORISS

ORISS offers the integrated OTP authentication and RADIUS authentication capabilities in a single solution. With the additional built-in...

LEARN MORE

Did You Know ?

45%

of IT administrators don't bother with complex passwords or fail to change their passwords on a regular basis.

50%

of employees the leave the company actually still log into ex-employer account after leaving the company.

TOP 3

most common passwords are P@$$w0rd,123456 and qwerty. It takes a hacker just TEN MINUTES to crack.

Security Threats to Password Management

Denominator of the password-based access control

brute-force-attack

Brute-force attack

An attacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.

Sniffing attack

A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key. Unencrypted password could be captured when send over a network.

Sniffing-attack
Man-in-the-middle-attack

Man-in the-middle attack

As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. Man-in-the-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you because the attacker might be actively replying as you to keep the exchange going and gain more information. A form of eavesdropping where communication between two users is monitored and modified by an unauthorized party.

Advanced Persistent Threats

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization. Well-coordinated and sophisticated targeted attack to steal sensitive information.

Advanced-Persistent-Threats

Security Threats to Password Management

Denominator of the password-based access control

brute-force-attack

Brute-force attack

An attacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found.

Sniffing-attack

Sniffing attack

A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key. Unencrypted password could be captured when send over a network.

Man-in-the-middle-attack

Man-in the-middle attack

As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. Man-in-the-middle attacks are like someone assuming your identity in order to read your message. The person on the other end might believe it is you because the attacker might be actively replying as you to keep the exchange going and gain more information. A form of eavesdropping where communication between two users is monitored and modified by an unauthorized party.

Advanced-Persistent-Threats

Advanced Persistent Threats

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization. Well-coordinated and sophisticated targeted attack to steal sensitive information.

Enterprise passwords are the keys to your IT kingdom.
Guarantee your Password Security with SecureKi

Need Visibility & Control ?

CONTACT US