Passwords At Risk

Submitted by nlippincott on 25 October 2011 - 5:49am

Like many users these days, I have many usernames and passwords for the various systems that I use. On occasion, one of these systems will give me cause to consider the password for that system to be "at risk," or one that I believe has high potential for being compromised. Ideally, we should use a different password for every system that we use. This isn't practical, and I suspect very few people would even consider doing so. But when we use a system in which our password is at risk, we should ensure that the password we use on this system is one that we avoid using on any other system.

The system is question in one called My Cedar Crest, a portal used by students and faculty at Cedar Crest College. The event which caused me to consider my password to be at risk was the introduction of a new system, provided by a third party, for handling course evaluations. When this new system was deployed, faculty users were told to use their username and password from My Cedar Crest as their login credentials for the new system. This tells me that passwords are being stored on My Cedar Crest in an insecure manner. That being the case, if that database is ever compromised, so are the passwords on that system.

Whenever a system stores passwords in a database, those passwords should be encrypted. Further, the encryption mechanism should employ "one way" encryption. That is, the mechanism should be such that given a password, the encrypted form can be determined, however, given the encrypted form of the password, the original password cannot be determined. As such, the actual, original passwords are never stored in the database.

When a user logs into the system, the password entered is passed through the encryption mechanism to determine its encrypted form. The encrypted password is then checked against the encrypted password in the database and, if a match, the user is logged on to the system.

If a system uses such a mechanism for storing passwords, as it should, it will not be possible for that system, or an administrator of that system, to determine a user's actual password.

I also use a system provided by Pearson Education. One day, I needed to log on and had forgotten my password. By simply entering my e-mail address into a form on their web site, they sent me an e-mail telling me my username and password. This password is clearly at risk. If they were storing my password properly, they would not be able to give me that information.

People have a habit of using the same password form many system. When a password is at risk, should that system be compromised, the perpetrator has a password that may well be valid on other systems, and perhaps ones that contain sensitive information.

We need to be cautious about our usage of passwords. And when we discover that a system is storing passwords insecurely, such as with My Cedar Crest, we should identify all other systems in which we use the same password, and change the password on those other systems.

Tags: 
Blog Posts