We need to talk about the “Janet” in your office. You know the one. Sticky notes all over the desk and monitor labeled:

“MailChimp: Username/Password1”

Passwords are the front line of defense for your business. In most cases, they are all that separates someone from your email, computer and network access, and all the sensitive information they contain.

Password policies are company-wide initiatives to make sure that line of defense is as strong as possible.

Here are a few starters for setting up an effective password policy.

1. Change your password every 6 months.

Keeping passwords for too long exposes you to more vulnerabilities over time. In the event of an unknown breach, changing passwords also blocks out unwelcome parties.

2. But keep your password for a minimum of 3 months.

Hackers often try to circumvent the “I forgot my password” system. By setting your systems to require that a password be kept for 3 months unless a system administrator intervenes, you reduce the window and the probability of that type of attack.

3. Don’t use an old password.

This is an easy one. Older passwords have been around longer, which increases the chances that they have been compromised. If an old password was secure and simply phased out, make sure you have changed your password 10 times since.

4. Use complex passwords

The more intricate you can make your password, the better. Use capitalization, numbers, and symbols. One way to make it easy to remember is by replacing letters with similar symbols. Like: P@$$w0rd – but don’t actually use “password.”

5. Password Length

This one is easy. 8 characters. MINIMUM.

6. Have you heard of passphrases?

Passphrases are pseudo-sentences that can be significantly longer than passwords.

Like: Please lease lemon pledge (because who is going to guess that?)

Using passphrases instead of passwords is just another way to decrease the risk of an account being breached.

7. Password Expiration Emails

Automated emails notify employees when it is almost time to change a password. This keeps your employees aware of when passwords need to be changed, so they can act before getting locked out of an account.

8. “But keeping different complex passwords is difficult!”

It doesn’t have to be. Both Google and Apple have “keychain” features that store and update passwords as necessary.

If you are looking for a more secure option than something usable by anyone with access to your device, 1Password stores passwords securely and lets you use them while only having to remember one password.
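Items 1 to 5 above translate into checks that a password-change handler can enforce. The following Python is an added example, not code from the original article; the 90-day and 180-day conversions, the deny list, the substitution table and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
from datetime import datetime, timedelta

MIN_LENGTH = 8                  # item 5
MAX_AGE = timedelta(days=180)   # item 1: "6 months" taken as 180 days (assumption)
MIN_AGE = timedelta(days=90)    # item 2: "3 months" taken as 90 days (assumption)
HISTORY_DEPTH = 10              # item 3: the last 10 passwords cannot be reused
DENYLIST = {"password"}         # item 4: the one word the article rules out (constructed list)
LEET = str.maketrans("@$0", "aso")  # constructed table that undoes look-alike symbols

def hash_password(password, salt):
    # Keep only salted, slow hashes of old passwords, never the passwords themselves.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def is_expired(last_changed, now):
    return now - last_changed >= MAX_AGE

def check_change(new_password, history, last_changed, now, admin_reset=False):
    """Return violated rules (empty list = accept); history is [(salt, digest)], newest last."""
    problems = []
    if not admin_reset and now - last_changed < MIN_AGE:
        problems.append("min_age")
    if len(new_password) < MIN_LENGTH:
        problems.append("length")
    has_upper = any(c.isupper() for c in new_password)
    has_digit = any(c.isdigit() for c in new_password)
    has_symbol = any(not c.isalnum() for c in new_password)
    if not (has_upper and has_digit and has_symbol):
        problems.append("complexity")
    if new_password.lower().translate(LEET) in DENYLIST:
        problems.append("denylisted")
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(new_password, salt), digest):
            problems.append("reused")
            break
    return problems

if __name__ == "__main__":
    now = datetime(2024, 7, 1)                      # constructed sample data
    salt = b"constructed-salt"
    history = [(salt, hash_password("Tr1cky!Lemon", salt))]
    print(check_change("P@$$w0rd", history, now - timedelta(days=120), now))
    print(check_change("Tr1cky!Lemon", history, now - timedelta(days=120), now))
```

The first sample shows why the warning in item 4 matters: P@$$w0rd meets the length and complexity rules and is rejected only because the check undoes the symbol substitutions before consulting the deny list.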
