A password-free environment is still just a concept far from reality, despite being discussed for a long time. For now, the world is stuck with usernames and passwords, and no matter how secure the authentication solution may be, those credentials will not be phased out overnight.
Currently, a more secure approach for using passwords is when a password can only be used once. Single-use passwords protect users from credential theft. Unlike static ones, which don’t change, using passwords only once makes systems resistant to attack.
Once entered in senhasegura, passwords are managed by the solution’s password vault. This means that the vault can change the password at any time. These changes can occur in the following ways:
- Determined by the institution’s password policies (automatic): based on the company’s password policies registered in the system, the vault changes keys automatically and periodically, facilitating the task of the information security team;
- Determined by password exposure (automatic): When a user is authorized to view a password stored by the vault, the password can be used for a set period of time in the system. When this time is over, the vault will immediately change the password so that the credential returns to the vault custody;
- Requested by an administrator user: a user with administrator privileges in the vault can schedule a password change for some or all devices registered in the vault at any time.