Tekk Life: Users Love Passwords, Just Kidding They Hate Them

User and Passwords

At work the other day we had a situation which bears bringing up due to the issues involved with users and their passwords.  Anyone who has worked in IT from more then a week more then likely knows that users suck when it comes to password practices.  They make them the same on multiple devices.  They wright them down on paper and leave them on their desk.  Then they even have the nerve save them into a browser and then forget them since they have been saved in their for so long.  That is what happened at my place of employment the other day.  This is expected from users these days but how can we enhance our security practices with passwords and not piss off our users at the same time?



So what if a user saves all their password in Internet Explorer and forgets them which is what happens at my company a lot.  I have heard some IT pros say that "It's the user's fault for forgetting them so they will just have to reset every password."  Well that is a good attitude to have if you want to very easily piss off the user when you roll out new computers.  If you are ok with that then go right ahead.  But I think most sensible people will realize that pissed off users is usually something you want to avoid.  It makes their jobs more difficult and it makes your job more difficult if you are just butting heads with you users.  Do it enough and your users will just down right start to despise you.  So we have to handle this situation a little more tactfully.

Trying to Help the Users

This can be done by moving their saved IE passwords over to their new computers using something as simple as Windows Easy Transfer.  A few more minutes of your time and BOOM, happy user.  Well less pissed off users.  Lets face it any new computer situation is gonna make your users a little upset since it disrupts their normal flow.  But you have removed a major frustration from your user and that is a good thing because at the end of the day IT people are at companies to make the user more efficient.  Plain and simple that why we are where we are.  But that doesn't really solve the issues with passwords does it?

Make Password Easier

To really fix the problem the best solutions I have found so far is central password storage and management on platforms like LastPass.  Almost more important than that is user training.  Both of these will cause some friction with users because you either deploying a new system for them to learn and/or bothering them with training that they probably don't care about.  This has to be handled correctly as well to maintain a good relationship with your users but this can solve a lot of security issues that come up with mishandled passwords.

The real point I am trying to make here is that yes passwords should be handled correctly but your users are still people and you need to treat them like people even if they aren't handling things exactly as best practice says they should.  You also won't be able to maintain best practices all the time.  You can't when you are dealing with users which is pretty much all the time no matter how much you think a service is only used by IT.  IT is there to make the users more efficient, and in a lot of cases, keep the company secure.  Finding a balance between that can be difficult but it critical to making sure your users are happy and you are happy.  Forgotten passwords saved in IE is not one of the times you want to be a hard ass about security best practices.

Remember, user and passwords suck.  We need to maintain the best security we can.  But if we can do small things to help make a users life simpler then we go a long way to making the company run better as a whole and that is an important thing.
Share on Google Plus

About Richard Nihells

    Blogger Comment
    Facebook Comment

1 comments:


  1. Great post. I used to be checking continuously this blog and I'm impressed! Extremely useful information specifically the remaining part :) I take care of such information a lot. I used to be looking for this particular information for a long time. Thank you and good luck. gmail log in

    ReplyDelete