Implement password complexity checking. It is easy in most systems to force employees to use a minimum number of characters, which today should be set to at least 10 mixed character types, and screen passwords against a dictionary of common passwords. The most popular password, 123456, violates all three of these basic rules, showing that many organizations are not forcing good password selection.
Employ multifactor identification. Multifactor identification involves employees authenticating themselves with several pieces of evidence, typically a static password plus a one-time code from token, app or SMS message. Because of cost and burden on employees, many companies only use this for employees with access to more sensitive data, or for riskier situations, such as remote access.
Provide password vaults. Password vaults are software applications that help users store and organize passwords. These password managers usually store encrypted passwords, requiring the user to create a master password – a single, ideally very strong password, which grants the user access to their password database. This counters the need for users to remember, or keep hard copies of, their passwords, and makes it just as easy to use a 30-character complex password as it is to use “123456”.
Change it often. People will often use passwords with an emotional meaning to them. Although this helps reduce the risk of obvious passwords, it means people are far less likely to change their password regularly, which is vital to reducing the threat of security breaches.
Do NOT re-use the same passwords across sites. When one site is compromised, it reveals that individual’s password across all the other sites where it has been used.
You saved me from a complete meltdown! I could not believe it only took you under an hour, to fix what Microsoft tried, and failed, to do in 6 hours. Next time I will call the Kyda Technologies Team first…! I just wanted to let you know, that the MS word, publisher and excel programs have been working all weekend! I was grateful you could save the Word and Publisher version 2013, and I did not have to try and go back to 2007. Now I have to go through the bother of trying to get my money back from Microsoft. Of course, I have not heard a word back from them. Their techs took the money and ran.