Removing Risk From Employee Password Management In Your Business
Commonly, password security policy is implemented as a subtle blend of automatic rules and crossed fingers.
Whilst password composition and expiry requirements are programmatically enforced, password creation and protection has been left to the individual. Given our well documented bad password habits, it's fair to assume that there are more than a few security policy violations around the patch when it comes to those elements of policy that cannot be automatically enforced - elements such as password protection and cross-system password reuse.
Our view is that employee password management should be an integral part of the any business' security education curriculum. If we show people how to manage passwords properly, then there is a better chance that they will do a good job when compared to leaving them to figure it out for themselves. The upsides of mandatory password training are more efficient staff, reduced operational costs, broader policy compliance and stronger security.
To help you understand how we are solving the problem of risky employee password management, we have included below the unbranded version of our LMS-compatible password training program for your review.
If you would like to learn more about licensing and customisation options for the Password Security training and the supporting Guide, please hit the button below and let us know how best to reach you.
Review Password Coach Fundamentals
The Password Coach system combines a short training course with a document-based Guide that helps employees to fully comply with password security policy. This first of two modules introduces the system and invites attendees to complete the preparatory steps in readiness for using the system in their daily working lives.
Duration: 16 minutes (but you can skip through in 60 seconds)
Review Password Coach in the Workplace
In this short module we build upon the techniques learned in the first module and shows how the Coach's system is used to generate and retrieve policy compliant passwords that don't need to be recorded and won't ever be forgotten.
Duration: 6 minutes (but you can skip through in 60 seconds)
Review Password Coach Employee Guide
Core to the Password Coach system is the Password Coach Employee Guide to Strong Password Security. The Guide is a simple PDF format document that enables staff to create and retrieve passwords visually. This approach means that passwords do not need to be memorised nor written down, and so are protected and fully comply with security policy. No additional software is required.
Many unique versions of the guide are created and distributed to staff at random. Multiple customisation options are available to ensure that the guide is correctly branded and tailored to your business' specific security and education needs.
To download a generic version of the Password Coach Employee Guide to essential password security hit the button (no registration required).
Your common questions answered.
Q: How would you describe Password Coach in 200 words?
A: Password Coach is a simple repeatable, routine for helping the non-technical amongst us to fully comply with password security policy. Password Coach works by prompting users to convert a simple, secret pattern into many strong and unique passwords. There is no need to remember passwords and so the temptation for staff to use risky DIY password reminders goes away. The system is deployed as a PDF e-book (the 'Password Coach Guide') and so is familiar and highly portable. There is no password storage and so no risk of leakage or loss. There is no software to install and so deployment is quick and painless. Users request the Password Coach Guide under their own steam from our website, and a custom, branded version is delivered direct via email. We take care of all of the hosting and the distribution. The user training course is included and may be plugged into the Learning Management System alongside other security training materials. A number of customisation options are included as standard, with other available as chargeable extras. The Coach can be used at home and at work. The price per employee is about the same as a cup of coffee.
Q: Why should I care?
A: ROI? A survey of 2,000 people in the U.S. and the U.K. has found that companies lose over $420 in productivity per employee per year due to workers struggling with passwords.
A: Compliance? Password Coach removes the need for anyone to create their own password reminders thereby enhancing security policy compliance.
Q: Do we need to install any special software to use Password Coach?
A: No. The Password Coach system utilises a PDF format e-book and only requires the Adobe Acrobat Reader (or Preview on a Mac).
Q: Do I need to put the deployment of Password Coach into my massive queue of other IT projects?
A: No. The deployment is extremely light touch. Password Coach requires no software, no additional systems and only minutes of training, and so may be implemented with minimal assistance from IT.
Q: How is the roll-out managed?
A: You simply need to direct your workforce to the Password Coach download site. Once there, they will complete a short form and we will send them out a link to their version of your private, branded Guide and the training.
Q: What happens if an employee misplaces their copy?
A: They just need to return to the download site and request a 'Reprint' with their email address. We will resend them a new copy of the same version.
Q: If everyone has the same book, won't everyone create the same password?
A: No, for two reasons. Firstly, we create a minimum of 100 unique, branded versions (expandable to 1,000) of the Coach's Guide and distribute them evenly amongst the workforce. Secondly, two different patterns are going to generate two different passwords from the same page in the same Guide, so even if two dozen folk have the same one, the chances that they are going to share passwords is near zero.
Q: Is it OK to print out pages from the Password Coach Guide and pin them on the wall?
A: It sure is! The Guide contains no passwords and is useless to anyone unless they know the pattern. So feel free to have a print-out on your desk or sat in a drawer.
Q: Can my IT guys use Password Coach to secure our IoT and M2M devices?
A: Absolutely they can. With Password Coach, your guys can generated endless strong passwords to secure any number of IoT and M2M devices. This way, passwords never need to be written down or bounced around on email. And, of course, those passwords will never be forgotten.
Q: Is it possible to flex the number of systems that may be secured with Password Coach?
A: Yes it is. We include 220 systems as standard, but this can be extended. We can customise most aspects of the Password Coach Guide for Enterprise clients.
Q: Can we replace all Password Coach branding with our own?
A: Yes, we include logo, colour and copy edits as standard.
Q: If we want to replace the Password Coach download site with an internal download site, would that be possible?
A: Yes, we can implement a private version of the download site in your domain. This is a chargeable option.
Q: Can I see an example that you’ve created for a client?
A: Sure. You can download a sample that has been created for the fictitious company Rexan here.
Q: What types of systems can our employees secure with the Coach?
A: Network IDs, VPN, online apps (webmail, social media), mobile apps (banking), phones, tablets, doors, buildings... any system or device that requires a password or PIN is supported.