5 Tips on Password Safety

  • Implement password complexity checking. It is easy in most systems to force employees to use a minimum number of characters (today this should be at least 10), to require mixed character types, and to screen passwords against a dictionary of common passwords. The most popular password, 123456, violates all three of these basic rules, showing that many organizations are not forcing good password selection.
  • Employ multifactor identification. Multifactor identification involves employees authenticating themselves with several pieces of evidence, typically a static password plus a one-time code from a token, an app or an SMS message. Because of the cost and the burden on employees, many companies only use this for employees with access to more sensitive data, or for riskier situations, such as remote access.

  • Provide password vaults. Password vaults are software applications that help users store and organize passwords. These password managers usually store encrypted passwords, requiring the user to create a master password – a single, ideally very strong password, which grants the user access to their password database. This counters the need for users to remember, or keep hard copies of, their passwords, and makes it just as easy to use a 30-character complex password as it is to use “123456”.
  • Change it often. People will often use passwords with an emotional meaning to them. Although this helps reduce the risk of obvious passwords, it means people are far less likely to change their password regularly, which is vital to reducing the threat of security breaches.
  • Do NOT re-use the same passwords across sites. When one site is compromised, it reveals that individual’s password across all the other sites where it has been used.
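
The three checks from the first tip, as an added Python example that is not part of the original post. The 3-of-4 character-class threshold, the stripping of trailing digits and symbols before the dictionary lookup, and the small common-password list are assumptions made for illustration.

```python
import unicodedata

MIN_LENGTH = 10    # "at least 10" from the first tip
MIN_CLASSES = 3    # assumption: "mixed" means 3 of the 4 classes below
# Constructed sample; a real deployment loads a large common-password list.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein", "iloveyou"}


def character_classes(password):
    """Return the set of character classes present in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("other")
    return classes


def dictionary_candidates(password):
    """Forms of the password to look up: as typed (case-folded), and with
    trailing digits/symbols removed, so 'Password2024!!' matches 'password'."""
    folded = unicodedata.normalize("NFKC", password).casefold()
    stem = folded.rstrip("0123456789!@#$%^&*()-_=+.?")
    return {folded, stem}


def check_password(password):
    """Return the list of violated rules; an empty list means accepted."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append("too_short")
    if len(character_classes(password)) < MIN_CLASSES:
        violations.append("not_mixed")
    if dictionary_candidates(password) & COMMON_PASSWORDS:
        violations.append("common_password")
    return violations
```

The second case in the test shows why the dictionary screen matters: a long, mixed-class password built on a common word passes the length and character-type rules and is rejected only by the dictionary check.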