We need to talk about
Passwords are the front line of defense for your business. In most cases, they are all that separates someone from your email, computer and network access, and all the sensitive information they contain.
Password policies are company-wide initiatives to make sure that line of defense is as strong as possible.
Here are a few starters for setting up an effective password policy.
1. Change your password every 6 months.
Keeping a password for too long exposes you to more vulnerabilities over time. In the event of an unknown breach, changing passwords also blocks out unwelcome parties.
2. But keep your password for a minimum of 3 months.
Hackers often try to circumvent the “I forgot my password” system. By setting your systems to require that a password be kept for 3 months without system administrator intervention, you reduce the window and probability that this type of attack could occur.
3. Don’t use an old password.
This is an easy one. Older passwords have been around longer, thus increasing the chances that they may have been compromised. In the event they were secure and just phased out, make sure you have changed the password 10 times since.
4. Use complex passwords
The more intricate you can make your password, the better. Use capitalization, numbers, and symbols. One way to make it easy to remember is by replacing letters with similar symbols. Like: P@$$w0rd – but don’t actually use “password.”
5. Password Length
This one is easy. 8 characters. MINIMUM.
6. Have you heard of passphrases?
Passphrases are pseudo-sentences that can be significantly longer than passwords.
Like: Please lease lemon pledge (because who is going to guess that?)
Using passphrases instead of passwords is just another way to decrease the risk of an account being breached.
7. Password Expiration Emails
Automated emails notify employees when the time to change a password is approaching. This keeps your employees aware of when passwords need to be changed before they get locked out of an account.
8. “But keeping different complex passwords is difficult!”
It doesn’t have to be. Both Google and Apple have “keychain” features that store and update passwords as necessary.
If you are looking for a more secure option than something usable by anyone with access to your device, 1Password stores passwords securely and lets you use them while only having to remember one password.
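As an added example (not ITonDemand's code), the rules in items 1 to 5 can be enforced at password-change time as sketched here. It assumes "6 months" and "3 months" mean 180 and 90 days; the function names, the PBKDF2 work factor and the sample passwords are constructed for illustration.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta

MIN_LENGTH = 8                  # item 5
MAX_AGE = timedelta(days=180)   # item 1: "6 months", assumed to be 180 days
MIN_AGE = timedelta(days=90)    # item 2: "3 months", assumed to be 90 days
HISTORY_DEPTH = 10              # item 3: the last 10 passwords are barred
ITERATIONS = 600_000            # PBKDF2 work factor (assumption, not from the page)

def hash_password(password, salt=None):
    """Return (salt, digest) so the history never stores plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def is_expired(last_changed, now):
    """Item 1: a password older than MAX_AGE must be changed."""
    return now - last_changed > MAX_AGE

def in_history(password, history):
    """Item 3: compare against the newest HISTORY_DEPTH stored hashes."""
    for salt, digest in history[-HISTORY_DEPTH:]:
        candidate = hash_password(password, salt)[1]
        if hmac.compare_digest(candidate, digest):
            return True
    return False

def check_change(new_password, history, last_changed, now, admin_reset=False):
    """Return the list of policy violations for a requested password change."""
    problems = []
    if len(new_password) < MIN_LENGTH:
        problems.append("too short")
    if not (any(c.isupper() for c in new_password)
            and any(c.isdigit() for c in new_password)
            and any(not c.isalnum() for c in new_password)):
        problems.append("needs capital, number and symbol")
    # Item 2: only an administrator reset may bypass the minimum age.
    if not admin_reset and now - last_changed < MIN_AGE:
        problems.append("minimum age not reached")
    # Hashing is the expensive step, so run it only on otherwise valid input.
    if not problems and in_history(new_password, history):
        problems.append("reused password")
    return problems

if __name__ == "__main__":
    # Constructed sample: two earlier passwords, last change 100 days ago.
    now = datetime(2024, 6, 1)
    history = [hash_password("Spring#2023x"), hash_password("Autumn#2023x")]
    print(check_change("Autumn#2023x", history, now - timedelta(days=100), now))
```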