Passwords may be frustrating, but they’re not going away anytime soon. While some have tried to replace them with biometric data, like fingerprints or facial recognition, passwords remain a fallback. Unfortunately, many people still create easily guessed and hackable passwords, and the proliferation of non-human accounts complicates the password problem further.
Despite outdated advice still circulating, it’s crucial to recognize that strong password policies are the first line of defense against unauthorized access, at least for now. In this blog, we’ll explore password management best practices every organization should consider, backed by recent data on password behaviors:
- Create Strong, Long Passphrases: Opt for passphrases over passwords. Use over eight characters, including upper and lower-case letters, numbers, and symbols. The US NIST recommends passphrases up to 64 characters.
- Apply Password Encryption: Encrypt passwords, especially in transit over the network, to protect them from theft.
- Implement Two-Factor Authentication (2FA): Require users to verify their identity with a one-time code sent to their mobile device or a personalized USB token.
- Use Advanced Authentication Methods: Leverage biometric verification, such as fingerprint or facial recognition, for an extra layer of security.
- Test Password Strength: Employ online tools to assess password strength and generate less hackable options.
- Avoid Dictionary Words: Stay clear of dictionary words to thwart dictionary attack programs.
- Use Different Passwords: Never reuse passwords for multiple accounts; it can lead to multiple breaches.
- Secure Mobile Phones: Protect mobile devices with strong passwords, fingerprints, or facial recognition.
- Avoid Periodic Password Changes: Refrain from forced, frequent password changes; focus on threat-based changes instead.
- Change Passwords When Employees Leave: Change passwords for departing employees to prevent unauthorized access.
- Protect Privileged User Accounts: Use privileged access management for sensitive credentials, changing them regularly.
- Keep Business Offline: Don’t expose sensitive information on the public internet, and revoke app permissions when done.
- Avoid Storing Passwords: Never store passwords digitally or on paper, as they can be stolen.
- Prioritize Safety: Use up-to-date anti-malware and vulnerability management solutions to protect against credential theft.
- Use Password Managers: Employ password managers for secure storage, generation, and auto-filling of passwords.
Password managers, available in personal and privileged versions, offer encrypted storage and ease of use. Personal managers help individuals manage various accounts, while privileged managers focus on securing sensitive enterprise credentials.
Passwords may have changed little, but password management has evolved considerably. With these best practices, you can create an effective password security policy and bolster protection against unauthorized access.
Remember, stolen or weak passwords still top the list of reasons for data breaches, so implementing robust password management is essential for organizations.
