logo
g Text Version
Beauty & Self
Books & Music
Career
Computers
Education
Family
Food & Wine
Health & Fitness
Hobbies & Crafts
Home & Garden
Money
News & Politics
Relationships
Religion & Spirituality
Sports
Travel & Culture
TV & Movies

dailyclick
Bored? Games!
Nutrition
Postcards
Take a Quiz
Rate My Photo

new
European Travel
Action Movies
Bible Basics
Houseplants
Romance Movies
Creativity
Family Travel


dailyclick
All times in EST

Low Carb: 8:00 PM

Full Schedule
g
g Computer Careers Site

BellaOnline's Computer Careers Editor

g

Shared Passwords Are Evil

Guest Author - Julie L Baumler

Computer accounts, whether for a computer, application or website, serve several different purposes. They provide a way to determine who is using a computer or service. They are used to determine whether and what that person or system is authorized to do (like be there in the first place.) They provide a way to keep information belonging to different users separate. Sharing passwords (or other less common authentication methods such as cryptographic keys or tokens) invalidates these. Of course, sometimes you don't care about any of those things, you just need something in the account in order to get your work done. This is usually when and how password sharing occurs.

A common situation is that a group of employees share a single account to do some task. This could be anything from the root password shared among administrators to a login to an informational website. Often, sharing passwords starts as an expedient (or a necessity due to poor design) and becomes a habit. People share passwords because they need access to resources to get their job done. Often the resources multiple people need are all assigned to one account, and those people share it. Unfortunately, once people are sharing one account, often it turns into multiple shared accounts, because if it is OK to share one because that's what needs to be done to get the work done, then why not share the password for another account in order to get other work done?

A major problem with shared passwords is the difficulty that occurs when the password needs to be changed. First, every time someone who has the password leaves the company or is given other duties the password needs to be changed. Second, every time the password is changed, everyone has to be notified. Often, no one person knows all the people who use a shared account, because the information is shared whenever someone needs access to those resources. This means that you don't actually know when you should be changing the password or who to tell.

It is extremely common for people to use the same password for multiple accounts. Although none of us would do this, what happens if a coworker uses a password from a shared account for one of their personal accounts? I'm not comfortable knowing peoples' passwords. And suppose the person did something wrong using that account (or ran up a big bill) and then claimed it wasn't them (a process known as repudiation in the information security world), stating that all their coworkers knew their password because it was the same as the shared account? You'd have to know their username, but in many cases that is publicly available or easy to guess (for instance, email address is often used as a user name on web sites.) I don't know if they could successfully repudiate their actions or blame a coworker using that argument, but it's a scary thought.

As you can see, while sharing passwords often seems efficient, it can cause much bigger problems down the line and should be avoided whenever possible.

The I Know Your Password cap pictured above is available at Amazon.com
This site needs an editor - click to learn more!

Add Shared+Passwords+Are+Evil to Twitter Add Shared+Passwords+Are+Evil to Facebook Add Shared+Passwords+Are+Evil to MySpace Add Shared+Passwords+Are+Evil to Del.icio.us Digg Shared+Passwords+Are+Evil Add Shared+Passwords+Are+Evil to Yahoo My Web Add Shared+Passwords+Are+Evil to Google Bookmarks Add Shared+Passwords+Are+Evil to Stumbleupon Add Shared+Passwords+Are+Evil to Reddit




Career Lessons From Computer Gurus
Degree Requirements For Computer Careers
Computer Careers Shop
RSS
Related Articles
Editor's Picks Articles
Top Ten Articles
Previous Features
Site Map


For FREE email updates, subscribe to the Computer Careers Newsletter


Past Issues


print
Printer Friendly
bookmark
Bookmark
tell friend
Tell a Friend
forum
Forum
email
Email Editor


Content copyright © 2014 by Julie L Baumler. All rights reserved.
This content was written by Julie L Baumler. If you wish to use this content in any manner, you need written permission. Contact BellaOnline Administration for details.

g


g features
Archives | Site Map

forum
Forum
email
Contact

Past Issues
memberscenter


vote
Poetry
Daily
Weekly
Monthly
Less than Monthly



BellaOnline on Facebook
g


| About BellaOnline | Privacy Policy | Advertising | Become an Editor |
Website copyright © 2014 Minerva WebWorks LLC. All rights reserved.


BellaOnline Editor