SafeHealth Docs

SafeHealth Docs

Overview
New? Start here.
Value Creation
Sales Model
Governance Model
Delivery Model
Profile Model
Engagement Model
Revenue Recognition Model
Support Model
Concepts
What is SafeCDx?
Existing Standards as Foundations
Interoperability as a Fundamental Design Pillar
How a Connected Test gets registered and validated on the Platform
Smart Contracts, Consent, and Consent Enforcement
How an Actor gets registered and verified on the platform authenticated, authorized, and audited?
How is data exchange governed between Actors, Services, Applications, and Connectors?
How a Connected Test Transaction Works
Solution Guides
Embedded Connected Diagnostics
Care Automation
Return-to-Lab
At-Home Care
Novel Pathogen Early Detection
Primary Digital Care
Organization and Billing
Login to Safe Health
Organization Setup
Create Organization
Configure Organization
Workspace Setup
Configure Workspace
Create Workspace
Safe Health APIs
Create Service Account
How To
Make API Calls
Control API Access
Design
Architecture vs Design
Design Challenges
Design Goals
Standards Based Design
Data Standards
Design Patterns
Clinical Serialization Standards
Security Standards
Serialization Standards
Terminology Standards
Transport Standards
Stereographic Projection
Event-Driven Design
Cultural-Dependent Design
Service Interface Design
Contract-Based Design
Distributed Transaction Design
Testability Design
Code Generation Design
Science of Great User Experiences
Platform Architecture
CDx Conformance
CDX Model Conformance
CDX Server Conformance
CDX Registry Conformance
CDX Modeling Notation Conformance
CDX ESG Conformance
CDX Sidetree Conformance
Data
Bytes
Wire Protocol
Data Model
Spec Entity
Spec Clinical Entity
Spec Meta Model
Spec Clinical Meta Model
Spec Resources
Ontologies
Lifecycle
Network
Personal Area Network (PAN)
Local Area Network (LAN)
Wide Area Network (WAN)
Jurisdiction Area Network (JAN)
Transports
Transports
Transaction Management
gRPC
HTTP
GraphQL
Security
Our Approach to Security
Privacy
Consent-based Decryption
Performance
Threading Model
Extensibility
Interoperability
Systems
System of Record
Systems of Differentiation
Systems of Engagement
Configurations
Services
Connectors
Systems of Innovation
System Lifecycles
Value Planes
All Planes
Collapsed Planes
Customer Plane
Business Plane
Gateway Plane
Mesh Plane
Workload Plane
Data Plane
Event Plane
Profile Plane
Control Plane
Federation Plane
Hardware Plane
Network Plane
Physical Plane
Journeys
Actors
Users
Patients
Organization Representative
Providers
Partners
Service Accounts
System Owner Journey
System Developer Journey
System Governance Member Journey
System Consumer Journey
Patient Journey
Medical Device
Solutions
Applications
Block Chain
Visual Design
Glossary

Password Manager

A Password Manager is a computer program or Cloud service that allows users to store, generate, and manage their passwords.

Passwords have quite a few Security issues, many of which are physiological and psychological physiological in nature (most prominently man’s limited capacity for remembering multiple strong Passwords for extensive periods of time, and his unwillingness to compensate for that limitation with effort). As a result Users recycle relatively weak Passwords. Password Managers provide a technical solution to complement man’s limitations and allow for using unique strong passwords for various service that require Authentication.

Whenever a User registers for a service and has to provide a Password, the Password Manager will intervene and offer to generate a unique strong Password, which will be stored by the Password Manager. The next time the User wants to login to that same service, again the Password Manager will intervene, and offer to enter the credentials that were generated before.

Though Password Managers solve some problems, they create others:

The Password Manager becomes a Single Point of Failure: If the User loses access to the Password Manager, he loses access to all his Passwords. Also, if access to the Password Manager is compromised, then all the User’s Passwords are compromised. See https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/ for a recent example.
Because with a Password Manager entering Passwords is as simple as clicking a button, Users can be tricked into providing credentials when they shouldn’t. (Also see Social Engineering and Fingerprint Recognition).

Pages linking to this page

Title	Section
2FA	fundamentals