There are a lot of areas you can focus on to improve the security of your network. Where should you start? One simple place to start is getting a password policy in place. How many of you have passwords that don’t change? How many use the same password on multiple accounts you log into? We’ve listed some suggestions below for you to consider:
1. Change passwords at least every three months for non-administrative users and 45-60 days for admin accounts.
2. Use different passwords for each login credential.
3. Avoid generic accounts and shared passwords.
4. Conduct audits periodically to identify weak/duplicate passwords and change as necessary.
5. Pick challenging passwords that include a combination of letters (upper and lower case), numbers and special characters (e.g. <$>, <% style="color:#4f4f4f;" > and <& style="color:#4f4f4f;" >).
6. Avoid personal information such as birth dates, pet names and sports.
7. Use passwords or passphrases of 12+ characters.
8. Use phrases for your passwords like ex: 12Buck13my$h0e!
9. Use a Password Manager such as LastPass where users need just one master password.
10. Don’t use a browser’s auto-fill function for passwords.
We can assist your organization with implementing some or all of these suggestions. Let me know if you would to discuss this further.