How many times per day do you have to remember your username and password to access an application or Web page? According to a recent TeleSign study, consumers have an average of 23 online accounts, and more avid Internet users have a much higher number. In my own experience, as of noon today, I’ve already logged into 9 different applications - all of which have required username and password authentication. To make matters worse, I had to reset a password to a website I hadn’t used in a while. That said, we at FileOpen know just how frustrating it is to manage what seems is a never ending list of credentials in your head. So today’s post will cover how you can protect your high-value documents without some of the inherent pain points and security issues associated with username and password authentication.
Passwords are the most common way users confirm their identities. However, passwords are also considered a weak form of authentication. The truth is that there’s nothing wrong with passwords; the problem is the user. Users experience what is known as password fatigue; they select passwords that are too simple, too predictable, they re-use the same passwords across systems, they fail to change their passwords on a regular basis, and much to our disbelief, users log credentials in notebooks usually kept alongside their machine. As you can see, the Personal Internet Address & Password Log Book retails for $6.49 and is currently a #1 Best Seller on Amazon.
FileOpen document security software offers businesses a variety of authentication modes designed to alleviate the pain and insecurity of traditional username and password authentication.
The first out-of-the-box mode of authentication is device or machine authentication. With this mode, users authenticate once by opening a FileOpen Registration PDF on their desktop, laptop or iOS device with the FileOpen Client. Once opened, the FileOpen Client sends a list of machine identifiers, unique to that user’s device, to the governing PermissionServer which then logs the information within the user’s profile as a registered device. After opening that registration PDF, all subsequent access requests by that user are permissioned by validating the user’s machine identifiers with the governing PermissionServer. This means the whole identification process is invisible to the user and is exactly the same as opening a non-protected PDF file. All permissions are obtained from the document owner’s PermissionServer in real-time, and are specific to that user’s device. Permissions are not portable in any way that the user can control; permissions are locked to the original device.
The FileOpen software may also employ additional means of authentication. FileOpen integrates with existing ADS/ SSO systems, eCommerce systems, enterprise file-sync-and-share or learning management tools. These options make it easy for administrators to centrally manage users and permissions, without requiring users to manage yet another password. In addition, custom configurations can be deployed to support cookie-based authentication, domain authentication, and user log-in authentication.
While businesses truly dread the challenges and problems posed by passwords, it still remains a core authentication and security technology. And, as mentioned above, we don’t believe passwords are the root of the problem, we believe it’s the human element. With that being said, FileOpen does support username password authentication and includes features to ensure security. These features include:
Want to learn more? Start a free 14-day trial to see how you can start protecting your PDFs, without passwords.