Password recovery tools could be abused and used for the wrong purposes. The warning came in light of a launch of the first commercially-available password recovery tool for OpenOffice, a popular application suite based on open source technology.
Graham Cluley, Sophos' senior technology consultant, said password recovery tools can be used for both good and bad. "It's a grey area in software. Cottage industries for such tools are mushrooming. These applications can help people, but in the wrong hands they're a bit of a security concern." Cluley said in a report by ZDNet.
Paul Wood, MessageLabs's senior analyst, agreed with Cluley. He said the availability of password recovery software poised the risk of a possible attack from disgruntled employees.
"One attack vector is if a rogue employee has access to file-share password-protected documents. They can copy them, take them offline, and brute-force them at their leisure," Wood said.
He added that companies should also consider managing privileges and other encryption technology for sensitive documents.
Intelore earlier announced the release of its OpenOffice Password Recovery software, which allows users to recover OpenOffice passwords and remove formatting and editing restrictions on documents.
http://www.allheadlinenews.com
Other sources:
Password Recovery
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment