System-based Password Reset for G Suite™

System-based Password Reset for G Suite™

Many questions have emerged around password security. There are broad questions, such as what security requirements to enforce (e.g. password complexity, MFA), and then there questions that are specialized to the unique needs of your users and environment. For instance, is it possible to do a system-based password reset for G Suite? Or is that a little nonsensical considering that to change your G Suite password you need to do that inside of Google’s G Suite console? Further, why would anyone want to change their G Suite password from their machine and not the browser? If I’m changing a G Suite password in the browser, isn’t that doing it on my machine? These are all great questions when it comes to password management, and today we’re going to answer them and discuss the usefulness of a system-based password reset for your users’ G Suite accounts.

Phishing: Say Goodbye To Your Online Persona

Legacy Security PracticesOur email is perhaps the most critical account that we have. All of our other IT services, banking, and online activities go through our email. Because of this, most online services assume that you have control over your email. If you want to change something significant on any of your various accounts, such as password resets, changes to profiles, and many other functions, those tasks are most likely going to be verified via email.

Getting back to the questions at the beginning of this post, they are all aimed at helping end users protect their most critical online account: their G Suite account.

Password changes and resets are a common attack vector for hackers to leverage in order to compromise end user email accounts. This is done through what’s called phishing—hackers send you a carefully crafted email that purports to require a password change or login to your account. When you click on the link to change or confirm your password, you are brought to a site that looks identical to G Suite and, if you are not careful, your user identity has been entered into the site and subsequently compromised. The 2018 Data (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Katelyn McWilliams. Read the original post at: