!!! Overview
[{$pagename}] is a [Credential Management] system for [Passwords].

!! Security and Cost Issues
[Password Statistics] show the security and cost issues surrounding [{$pagename}] for an [Organizational Entity].

!! Why Users Do this?
As [Password Policy] requirements are made more complex, passwords become harder to remember. One of the issues is that the password policy ignores the "people factor". Security experts continually cite statistics on how much stronger passwords become when they are made more complex. The experts seem to forget that they used a computer to generate the statistics, yet they expect employees to remember complex passwords that score high in [Password Strength]. Then, as employees are forced to change their passwords more frequently, they must write the password down or use some simple sequence to try to remember it.

!! The result to the organization
This survey indicates that organizations still face some serious security issues. Based on the statistics, in an organization of our size (200,000 people):
* 100,000 people would write their [passwords] down
* 66,000 people would share their [passwords]
* 94,000 would perform a [Password Reset] at least once a year

At an estimated cost of $50 per [Password Reset], the company could spend $4,700,000 resetting [passwords].

There are many more examples in [Password Statistics].

!! Functions of [{$pagename}]
The primary function of [{$pagename}] is to enforce the [Password Policy]
* [Password Changes]
* [Password Reset]
* [Password Recovery]
* [Password] [Access Control]
* [Password Policy]

!! [Password] Life Cycle[1]
The [Password] [life cycle] begins when the user needs to create a password for a new account. ([Credential Enrollment])

[{Image src='/images/Password Life Cycle.png' caption='Password Life Cycle' align=left width=1024 height=768 style='font-size: 120%;'}]
\\
Theoretically, a user might begin with no [Passwords] at all and have to fabricate one from scratch, but they may also have existing strategies and [password] phrases that they will integrate into a new password. This [password] must next be committed, either memorized or recorded, so that it can later be used for [Authentication].

Assuming the commitment process is successful, the user then lives with their [password]. They [login] and [access] their accounts successfully. If they successfully remember their password, and it is appropriate for reuse, they can then reuse that password. If the password must be [changed|Password Modify Operation] (because it is forgotten, because someone else has learned it, or because of enforced password change policies), they must return to password creation.

Rationing is present at every step of the password life cycle:
* Users ration effort at creating new passwords
* Users implement [Password Reuse] to put more protection on the most valued accounts
* Users reduce the effort of memorization by saving passwords in [Password Managers] or by writing them down
* Users strategically budget the attention they pay to passwords on existing accounts.

Users save resources from inconsequential accounts so that they can devote them to more important accounts. Allotting time, attention, and energy to different accounts forms the backbone of users' coping strategies. As with other forms of rationing, users scrimp on effort for some accounts to save it for others.

Rationing contributes to the cycle of [password Reuse]. As effort is reduced from some accounts, it is saved for new ones. [Reused passwords|Password Reuse] are handed down from existing accounts, saving the user the time and energy of creating and memorizing a new password.

!! [Password Anti-Patterns]
There are some common practices around [{$pagename}] that are [Password Anti-Patterns].

!! [What To Do About Passwords]
We know [Passwords] are bad, but [What To Do About Passwords]?

!! [Password Management Applications]
[Password Management Applications] help with [Password Management].

!! [SCIM Password Management]
Some items on [SCIM Password Management]

!! [{$pagename}] and [LDAP]
* [Active Directory and Passwords]
* [Edirectory Passwords]

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [The Password Life Cycle: User Behaviour in Managing Passwords|https://www.usenix.org/system/files/conference/soups2014/soups14-paper-stobert.pdf|target='_blank'] - based on information obtained 2015-05-25