Passwords in the Real World

by Larry Emmott on July 9, 2018

in Security

PPasswords should be treated as you would your toothbrush. Never let anyone else use it and change it every three months.

Good professional password protocol includes passwords that are at least eight characters long, include numbers. letters, upper and lowercase and even symbols. They should be changed every three months and you should assign user rights to various levels of your management software. All of that is good advice and it is undoubtedly sound strategy to protect yourself and your patients from unauthorized use of your practice data or from hackers or dishonest staff members.

It is good advice but in the real world hardly anybody does it.

The fact is that in a dental office people move from one computer to the next to enter and retrieve data and if Sally is out sick we still need to use her machine. When Sally leaves the computer in room one she doesn’t log off, that takes too much time as she will be back in room one with the next patient in another thirty minutes. That means anyone else can go to room one and use that computer with Sally’s log on and user privileges. Password protocols that block the user every time he/she attempts to do certain procedures are intrusive, frustrating time wasters that do not get used.

The standard dental office password practice is the “all the same sticky protocol”. That is everybody has exactly the same password and just to be sure no one is ever locked out the password is stuck to the side of the computer with a sticky note.

However there is another way that is so easy to use it might actually work. That is to provide each team member with a unique token or dongle that the computer recognizes and then applies the proper user rights and access. The computer recognizes the token when a team member gets close and then logs off once the team member moves away.

Not only does the token solve the problem of logging on and off and recognizing various user rights without the need or frequent password entry steps it provides a record of who used which computer when.

 

by: at .

Share

Comments on this entry are closed.

Previous post:

Next post: