Five steps to password policy compliance

Attackers routinely use weak and stolen credentials to compromise business-critical environments. Logging in with a known password for a valid user account is far easier than finding and exploiting a software vulnerability. Strong password security and robust password policies are therefore one of the most effective ways an organization can bolster its cybersecurity posture.


What characteristics make up an effective password policy?


Organizations also need an effective way to report to key business stakeholders, leadership, and external entities that strong password security policies are in place and being followed.


As cybersecurity threats evolve, best-practice recommendations for password policies change with them. Years of experience have shown what works and what does not. The following guidelines reflect current best practice for effective password policies:


Encourage the use of passphrases
Don’t throw away password expiry
Implement breached password protection
Use password dictionary checks
Use account lockout policies

1. Encourage the use of passphrases


Traditional short passwords are routinely cracked by modern tooling, even when they contain symbols and special characters, because cracking cost grows with length far faster than with the size of the character set. A long password made up of many characters is therefore stronger than a shorter one that merely contains special characters. For this reason, current cybersecurity standards (for example NIST SP 800-63B) recommend that organizations allow and encourage end users to use passphrases as valid passwords, and drop composition rules in favour of length.


Passphrases offer several benefits over traditional passwords. They are easier to remember than short passwords padded with special characters, and because they are much longer they are harder for attackers to guess or brute-force. The comparison below illustrates this using keyspace entropy estimates (more bits means a stronger password). Note that such estimates assume every character was chosen at random; a passphrase built from common dictionary words in a predictable pattern gives a cracker far fewer candidates than the bit count suggests, so length should always be combined with the dictionary and breached-password checks listed above.


MyP@$$w0rd1$ (84 bits)
Is.My.Password (100 bits)

Arguably, the second passwo ..
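As an added example (not code from the original article), the following Python policy checker implements the passphrase, dictionary and breached-password guidelines from the list above. It computes the same kind of brute-force keyspace bit estimate used in the comparison, then applies the checks that keyspace arithmetic alone misses. The breached-hash set, the forbidden-word dictionary, the leet-substitution map, the 32-symbol alphabet and the 15-character minimum are constructed assumptions for illustration; a production check would query a breach corpus such as the Have I Been Pwned range API rather than an inline set.

```python
import hashlib
import math
import re
from dataclasses import dataclass, field

# Constructed stand-in for a breached-password corpus. Real blocklists store
# hashes, not plaintext, so the check never handles the original breach data.
BREACHED_SHA1 = {
    hashlib.sha1(p.encode("utf-8")).hexdigest().upper()
    for p in ("password", "123456", "MyP@$$w0rd1$")
}

# Constructed forbidden-word list (company name, product names, seasons, ...).
DICTIONARY = {"password", "welcome", "company", "admin", "summer"}

# Common leet substitutions undone before the dictionary check, so that
# "P@$$w0rd" is still recognised as "password". Assumed mapping.
LEET = str.maketrans("@$013!", "asoiei")

# Character classes and the alphabet size each contributes to a brute-force
# keyspace. 32 printable ASCII symbols is an assumption; other calculators use
# 33 (including space) or other values, which is why published bit counts for
# the same password differ.
CHARSETS = (
    (re.compile(r"[a-z]"), 26),
    (re.compile(r"[A-Z]"), 26),
    (re.compile(r"[0-9]"), 10),
    (re.compile(r"[^A-Za-z0-9]"), 32),
)

MIN_LENGTH = 15  # assumption: long enough to favour passphrases; no composition rules


def keyspace_bits(password: str) -> float:
    """Brute-force keyspace entropy, log2(alphabet ** length).

    This is the figure most online 'bits' calculators report. It assumes every
    character was chosen uniformly at random, so it overstates the strength of
    anything built from dictionary words or predictable patterns.
    """
    alphabet = sum(size for pattern, size in CHARSETS if pattern.search(password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def dictionary_hits(password: str) -> list[str]:
    """Return forbidden words found in the password after normalising case
    and undoing leet substitutions."""
    normalised = password.lower().translate(LEET)
    return sorted(word for word in DICTIONARY if word in normalised)


def is_breached(password: str) -> bool:
    """Look the SHA-1 of the candidate up in the breached-hash set.

    Against a live corpus you would send only the first five hex characters of
    this digest (the k-anonymity range query) and compare the returned suffixes
    locally, so the full hash never leaves the host.
    """
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest in BREACHED_SHA1


@dataclass
class Verdict:
    accepted: bool
    bits: float
    reasons: list[str] = field(default_factory=list)


def evaluate(password: str) -> Verdict:
    """Apply the policy: minimum length, breach check, dictionary check."""
    reasons: list[str] = []
    if len(password) < MIN_LENGTH:
        reasons.append(f"shorter than {MIN_LENGTH} characters")
    if is_breached(password):
        reasons.append("found in breached-password list")
    hits = dictionary_hits(password)
    if hits:
        reasons.append("contains forbidden word(s): " + ", ".join(hits))
    return Verdict(accepted=not reasons, bits=keyspace_bits(password), reasons=reasons)


if __name__ == "__main__":
    for candidate in ("MyP@$$w0rd1$", "Is.My.Password", "Granite.Lantern.Tuesday.Pelican"):
        v = evaluate(candidate)
        status = "accepted" if v.accepted else "rejected"
        print(f"{candidate!r}: {v.bits:.1f} keyspace bits, {status} {v.reasons}")
```

Running it shows the point the comparison above only hints at: the passphrase scores more keyspace bits than the symbol-heavy password, yet both are rejected, one because it is in the breach set and both because they contain a forbidden word once leet substitutions are undone. Only the longer passphrase built from unrelated words passes every check.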
