Security 101: Password Management
What is the most important layer of security between your network and the bad guys? Passwords, of course. Passwords give the appropriate people valid access while keeping those who shouldn’t be on the network away from it.
Is your password policy right for your company? If not, you could be opening your business up to a security risk. There are some important things to keep in mind when setting, resetting and managing passwords.
Change that Password Every 90 Days
The 90-day rule has been around for a long time. Why 90 days? Typically, it is because 90 days is short enough to keep a compromised password that has fallen into a hacker’s hands from being used to damage your network.
It may seem excessive, and many users complain about the 90-day policy, but it is a necessary part of network security. Resist the urge to lengthen the interval because of user feedback.
While you can consider shortening the password change period, the math may not pan out. The time and effort it takes to reset lost passwords, added to the lost productivity, tends to make it too costly for your company.
Use Complex Passwords
Names, children’s names, phone numbers, birthdays and common dictionary words are easy to remember, which is why users typically choose them as passwords. Unfortunately, they are also the easiest passwords to hack.
Passwords on your network should meet at least two or three of the following criteria to ensure that they are complex:
- Mixed cases (both upper and lower)
- Numbers or numerals
- Special characters
- Length of 8 characters or over
- No names, dates or other common dictionary words
Complex passwords make it harder for hackers to use pattern-generating software to brute-force accounts. They also make it more difficult to social engineer a password by gathering personal information about a person.
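One way to enforce the five criteria listed above at password-set time, as an added example that is not part of the original article. The deny-list, the `extra_words` parameter (for the user's own name or account details) and the `required` threshold are assumptions made for illustration; the sample passwords are constructed.

```python
import re

# Constructed sample deny-list; a real deployment would load a larger
# dictionary plus the user's own name and account details.
DENY_WORDS = {"password", "welcome", "summer", "michael", "jennifer"}

# Common date shapes: years 1900-2099, or d/m/y style with separators.
DATE_RE = re.compile(r"(19|20)\d{2}|\d{1,2}[/.-]\d{1,2}[/.-]\d{2,4}")

# Undo common letter substitutions so "P@ssw0rd" still matches "password".
LEET = str.maketrans("@40!13$57", "aaoiiesst")


def check_password(password, extra_words=(), required=3):
    """Return (accepted, results) for the five criteria listed above.

    `required` is an assumption: the article says "at least two or
    three", so the threshold is a parameter that defaults to 3.
    """
    normalized = password.lower().translate(LEET)
    words = DENY_WORDS | {w.lower() for w in extra_words if len(w) >= 3}
    results = {
        "mixed_case": any(c.islower() for c in password)
        and any(c.isupper() for c in password),
        "digit": any(c.isdigit() for c in password),
        "special": any(not c.isalnum() for c in password),
        "length_8_plus": len(password) >= 8,
        # Dates are matched on the raw password, words on the normalized one.
        "no_names_dates_words": not (
            any(w in normalized for w in words) or DATE_RE.search(password)
        ),
    }
    return sum(results.values()) >= required, results


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for candidate in ("Password1", "P@ssw0rd!", "alice1987", "gT7#kLq9!wZ"):
        accepted, results = check_password(candidate, extra_words=["Alice"])
        failed = [name for name, passed in results.items() if not passed]
        print(f"{candidate!r}: accepted={accepted} failed={failed}")
```

With `required=3`, `Password1` is accepted because three criteria pass even though the dictionary check fails; setting `required=5` makes every criterion mandatory.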
Multi-Point Authentication
A more recent password technology is multi-point authentication. This means that, along with a password, users must enter a separate code. Another method of multi-point authentication is a card reader and a PIN: users insert a card into a card reader and then enter a programmed PIN for access. Once the card is removed, access is also removed.
These technologies take more expense and planning to implement, but they are well worth the investment when it comes to network security.
Password Vaults
Most users get frustrated when they forget a password. Not only is their work delayed, but it also generates help desk tickets. That is why you might consider using password vault technology for your users.
This technology allows your users to store all of their passwords through encrypted plug-ins, or to use a master password that generates complex passwords on the back end.
Need Security IT Support in Stamford?
If you need IT support in Stamford for your business’ network, contact U.S. Computer Connection! Remember, uscomputer.com for all of your IT support concerns.