jspωiki
Credential Management

Overview#

Credential Management is the management of Credentials.

Credential Management is the set of practices that an Credential Service Provider uses to:[1]

credentials for identities within their context and amongst any Federation partners

Risks with Credential Management#

  • Attackers that can gain control of your Credential Management system can issue credentials that make them an insider, potentially with privileges to compromise systems undetected.
  • Compromised Credential Management processes result in the need to re-issue credentials, which can be an expensive and time-consuming process.
  • Business application owners’ expectations around security and Trust Models are rising, and can expose Credential Management as a weak link that may jeopardize compliance claims.

These Credentials are secrets and may consist of:

No Recovery#

Any Authentication Method (or Authentication Factor) without a Credential Management that includes credential recovery, requires the replacement of the Credential.

More Information#

There might be more information for this subject on one of the following: