The present invention relates to password management, and more particularly to enterprise password and key management for establishing a user's credentials.
Password and key management is a challenging task in today's enterprise computing environments. Users are regularly forced to change their passwords to improve security. However, a recent study shows that most users change their old password by altering only 1 or 2 characters, thereby reducing the effectiveness of these security measures.
Users may operate in a variety of secure environments that each require the user to provide authentication credentials, such as a user name and a complex password. Memorizing more than two complex passwords is not easy, so users may only use a limited number of complex passwords across the different secure environments, which introduces an additional security risk.
From the enterprise perspective, managing a transient body of users and employees who join and leave certain companies and teams is a challenging task. Adding and revoking access and passwords needs to be automated and handled more efficiently.
Current systems do not leverage hardware, smart cards, and RFID/NFC tags. These devices, when configured properly, are extremely secure. For instance, smart cards are considered HSMs (hardware security modules), and breaking smart card security is not a trivial task.
As can be seen, there is a need for an improved software and encryption schema that combines hardware, key files, and a single strong password that is memorized by the user to harden and secure all accesses, keys, and passwords belonging to the user.