One of the main failures of online security is in the passwords and in the management of the same, either by the user or by those responsible for or management, since they usually establish weak passwords so that they are easily remembered.
In these days it has been heard a lot about the subject, whether it is the interference in the mail of a famous actor or singer, as well as the leakage of information from large business sites or the leakage of personal data that have put many in trouble, as the famous case of the "safe" dating site, 'Ashley Madison'.
There are large companies that offer free email services and that many users conveniently access, for the ease of entering accounts and managing them easily by the user, hackers simply knowing or getting the answer to the question asked to renew the password enter and then change the password.
Through data protection audits, they have been found in organizations worldwide, where users keep passwords in text documents or notes on the side of their computer, without the necessary security measures to back up their data, from this way to access user accounts is extremely simple.
"When the authentication mechanism is based on the existence of passwords, there will be an allocation, distribution and storage procedure that guarantees its confidentiality and integrity."
Therefore, the management of passwords, in addition to an obligation on the part of companies, is an important pillar to protect the security of all confidential data that the company could have, from customer information, to information on special projects of a company. deal.
Failure to comply with this password management can lead to serious penalties, it is vital for the security of the entire system as long as other more advanced identification and authentication systems are not available.
Both the user and the organization must be aware that the passwords, whether for the smallest service in which we can register, are vital so that the entire security system doesn’t fall.
Therefore, all recommendations that can be made, in addition to the obligations established in the data control regulations, must be taken into account to avoid further inconvenience.
Most browsers such as Firefox or Chrome, have their own native password managers, which store all the passwords you use on the Internet to remind you when you go to identify yourself on your different pages both on your computer and on other devices where you have them installed .
Thus, when you visit a web page that requires authentication, the browser automatically writes the user and the password in the corresponding fields, without the need for the user to intervene.
An alternative way to manage passwords is to have an application or program that allows you to store passwords on web pages that offer this type of services. In this way, it is possible to access them from anywhere with an Internet connection.
In this case, the security of the keys will depend fundamentally on the level of trust that is given to who offers the service.
Password managers are also useful as a defense measure against phishing, since, unlike a human being, a machine is not wrong to distinguish between two similar pages but with different domain, which guarantees that the password will be entered only on a legitimate page.
