The downside is that if the user forgets the master password, there is no way to recover it.
#NORDPASS MASTER PASSWORD NOT WORKING PASSWORD#
This master password is only known to the creator and should never be stored on the system of the platform provider. There should be a master password to get into the app or the online service before the secret information can be accessed. This ensures that there is no backdoor to reading the secret information. This is the most basic security principle the service provider has to include in their platform. When you type the credentials in the app or on an online form, it’s in clear text, and once you save it, you should be encrypted. One should ask themselves the following question before proceeding with this approach: How is my password stored? So let’s zoom in a little bit on this approach. However, this statement would raise eyebrows when one suggests creating a database of all the credentials and storing it in a place that if accessed by someone else is even more dangerous. So overall, the second solution is half-baked and cannot be generalized to the whole of the online services available on the internet.Ī better approach to this problem is to store the passwords securely which you can refer to discretely. But many users either do not bother to enable this, or the website simply does not have this feature in the first place. However, if you can couple this approach with multi-factor authentication (MFA), it is still considered secure because the MFA app or the text-based MFA that one receives on their cell phone is still not compromised. Now, this is dangerous as if your credentials get compromised in one place then it can be used in various places and the hackers then can make the most from just one hack. Secondly, if the first one is not an option, then most users tend to use the same login and password everywhere.There is also an advantage to the website owner(s) as they don’t have to get into the compliance of storing personal data of its members as it’s offloaded to those social platforms where the user has already provided their personal information. This is currently the most popular way of allowing members to the area. That way there is no need to create multiple logins in the first place, and it’s easier to remember one username & password and use it in many online services or websites. So if the website owner has integrated their website to use those social platform APIs, you can simply access the member’s area using social login. The first one is from the website owner, who can enable social logins meaning we all have at least one social account on the likes of Google, Facebook, Twitter, etc.It may sound like a simple thing initially, but over a period of time the amount of login and passwords that you end up with cannot be remembered or in other words cannot be managed. Of course, you can avail certain features or browse a website without the need to create a login, but we all know that to be able to do something means we are forced to create a login and password.
This is a very common question one can ask and why is that? Well, it is hard to imagine any website and online service provided today without creating a login.
0 kommentar(er)
