Password responsibility and security

If you’re someone that’s worried about the security of the web sites you use, whether it’s for personal reasons or as a business partner, you can’t help but be concerned about how other sites manage passwords. Password security is but one aspect of web site protection, but it’s very public-facing. The recent LinkedIn hacks are troubling, to say the least, and LinkedIn is only the more recently-visible site to suffer the hacker’s scrutiny. Sadly, it happens all of the time.

Now, it’s easy for all of us to blame LinkedIn, or any web site that has had their passwords hacked. However, if you really want access to the site secured, you should initiate (and monitor) minimum password strength levels. Your first pet’s name probably isn’t going to cut it. Mine was “Kitty”…you see my point.

Web sites can enforce this, but at Red e App we do not. But we don’t because we chose to allow each app user to decide for themselves what password strength is appropriate for them. If “Kitty” is good enough for the individual, we’ll allow it.

For enterprise consumption, though, this probably isn’t good enough. We leave that decision to the enterprise partner. Local enterprise policy should be authored, followed, and enforced.

But you may be interested to know that here at Red e App we hash all passwords using SHA-1 after adding a series of cryptgraphically-random “salt” bytes (nonsense values that serve to increase the complexity of the password and help prevent successful hacks). It’s unwise to ever claim a site is not hackable . . . but this technique for securing passwords has been proven to be the most secure of any alternatives we could have chosen.

And, no, my personal Red e App app password is not “Kitty”!

Kenn Scribner
Red e App Director of Platform Engineering

Share This Post

More To Explore

Magnifying Glass Copy
Workforce Management

Workforce Management Trends

Will the last employee out the door please turn off the lights. Many are calling it the “Great Resignation,” with the U.S. Bureau of Labor

Red e App Small Business copy
Employee Engagement

Is Red e App suitable for small businesses?

Since the pandemic, America’s workforce has been in a state of flux. With talent shortages, increasing competition, and technological disruption, there is a greater need

CTA-Technology

Technology enables real change

Red e App isn’t here just to sell software to put a Band-Aid on your communication problems — we’re out to change the world for non-desk workers. We’ve spent years in the trenches with companies of all sizes and all levels of complexity, and we’d love to help you consider how to make real change in your organization.

Complete the form for your download

Name(Required)
This field is for validation purposes and should be left unchanged.

Complete the form for your download

Name(Required)
This field is for validation purposes and should be left unchanged.