Today is World Password Day, a day for
organizations to remind their employees of the importance of using
strong passwords and practicing good password hygiene to protect
personal and work accounts. Given the large number of accounts that
employees manage—and the risk that weak passwords pose to an
organization—organizations can use this day to emphasize
password security for both corporate and personal passwords.
- Train employees to use long, unique passwords for all
accounts. Short, commonly used passwords can put an
organization’s information at risk. Teach employees to use long
passphrases: at least five words containing at least 15 characters.
It can be difficult for users to memorize—and type—a
long string of random characters, so educate them on how to create
a phrase that they can remember but hackers can’t crack.
Organizational Security Awareness Training programs should
include the risks of reusing passwords—if criminals figure
out an employee’s password for one account, they could use it
to try to access the employee’s other accounts, including their
work account.
- Implement an enterprise-wide password manager.
Password managers are highly effective and can help minimize the
risk of hackers accessing corporate accounts. They generate and
store long, unique passwords, eliminating the risk of employees
creating weak passwords or reusing the same password in multiple
accounts. Password managers allow employees to securely share
accounts with other employees, with account managers able to
obscure account passwords for additional security.
- Use a multi-factor authentication (MFA) app for network
access. Authenticating through an MFA app is more secure
than verifying with a phone call or text message. Since such apps
are linked to the mobile device and not the mobile account,
app-based prompts would continue to be routed to the original
device—preventing a criminal from intercepting an MFA prompt
if they take over an employee’s mobile account.
- Educate employees to respond appropriately to
unexpected MFA prompts. Unexpected MFA prompts may
indicate a criminal is trying to sign into an account using a
stolen password. Criminals hope that the employee will tap
“Approve” accidentally or out of frustration to stop the
prompts from appearing. Employees should be trained to reject
unexpected prompts, change their network password, and immediately
report the attempt.
Emphasizing the importance of long, unique passwords and good
password hygiene can help keep accounts more secure, protecting the
organization’s network and information.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.