Password management is an essential part of business IT security. An attacker who obtains administrative credentials to a system can move through the company network with little effort. It is therefore essential to follow password management best practices to keep your sensitive data safe.
At the end of the day, any password that is short or predictable can be cracked by a brute force attack. Brute force is an attack strategy that tries candidate passwords in rapid succession, either against the login interface itself or offline against stolen password hashes, until one works. Long, random passwords stay out of reach, but as computing power grows, the bar for "long enough" keeps rising and yesterday's adequate password becomes tomorrow's weak one.
The strongest protection against brute force attacks is multi factor authentication (MFA), backed by basic hygiene on the login interface such as rate limiting and account lockout after repeated failures. MFA requires a login to present a second proof of identity beyond the password, typically a one-time code generated on or delivered to a trusted device; many systems prompt for it only on logins from unfamiliar devices or locations (risk-based MFA). Even if an unauthorized individual has your password, they cannot access the account without that trusted device. Codes sent by email or SMS are weaker than authenticator apps or hardware security keys, because the mailbox or phone number can itself be taken over.
Ban The Most Common Passwords
Enforce restrictions that stop employees from choosing the most common passwords, because these are the first guesses any attacker tries. Passwords such as "123456", "password1" or "qwerty" are cracked in seconds by brute force and dictionary attacks and must never protect sensitive company systems. The check should also catch trivial variations of a banned password (capitalisation, appended digits or symbols, "@" for "a"), since cracking tools apply those substitutions automatically.
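An added example, written for this page rather than taken from it, of a blocklist check that sees through the usual disguises. The blocklist and minimum length are illustrative; a real deployment would load a large breached-password corpus.

```python
import re
import unicodedata

# Constructed sample blocklist for illustration. In production load a large
# list such as a breached-password corpus, stored in lower case.
BANNED_PASSWORDS = {
    "123456", "password", "password1", "qwerty", "letmein", "welcome",
    "admin", "iloveyou", "abc123", "monkey", "dragon", "football",
}

MIN_LENGTH = 12

# Character substitutions cracking tools apply automatically; the check
# must see through them so that "P@ssw0rd" is rejected like "password".
_LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e",
                       "$": "s", "5": "s", "7": "t", "1": "l"})

# Trailing digits and symbols ("qwerty123!") are the most common padding.
_SUFFIX = re.compile(r"[0-9!@#$%^&*._-]+$")


def _candidates(password: str) -> set[str]:
    """All forms of the password that must be compared against the list."""
    forms = {unicodedata.normalize("NFKC", password).lower()}
    forms |= {_SUFFIX.sub("", f) for f in forms}     # strip "123!" padding
    forms |= {f.translate(_LEET) for f in forms}     # undo leet substitutions
    forms |= {_SUFFIX.sub("", f) for f in forms}     # padding exposed after leet
    return {f for f in forms if f}


def password_problems(password: str, blocklist=BANNED_PASSWORDS) -> list[str]:
    """Return the policy violations for a proposed password; empty means OK."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    hits = sorted(c for c in _candidates(password) if c in blocklist)
    if hits:
        problems.append(f"matches banned password {hits[0]!r}")
    return problems


if __name__ == "__main__":
    for pw in ["123456", "P@ssw0rd1!", "Qwerty123!", "correct horse battery staple"]:
        print(f"{pw!r}: {password_problems(pw) or 'accepted'}")
```

Rejecting on a blocklist alone is not enough: "P@ssw0rd1!" passes most complexity rules yet normalises to "password", which is why the check strips padding and undoes substitutions before comparing.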
Monitor Unusual Login Attempts
Configure your identity provider and mail platform to notify both end users and IT administrators of unusual account activity, such as a successful login from an unfamiliar location or device, or a success that follows a burst of failed attempts. Employees can then report a login they did not make, and administrators can revoke the session, reset the credential and investigate before the attacker does further damage.
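As an added example (not part of the original article), the detection logic behind such alerts, run over a constructed sign-in log in the shape identity providers export: a success after repeated failures, a login from a country the user has never used, and two logins from different countries closer together than any traveller could manage.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sign-in log (not real data): timestamp, user, result,
# source IP, country of the source IP.
SAMPLE_LOG = """\
2024-03-04T08:02:11Z alice SUCCESS 203.0.113.10 GB
2024-03-04T08:30:45Z bob   FAILURE 198.51.100.7 US
2024-03-04T08:31:02Z bob   FAILURE 198.51.100.7 US
2024-03-04T08:31:20Z bob   SUCCESS 198.51.100.7 US
2024-03-04T09:15:33Z alice SUCCESS 192.0.2.55   BR
2024-03-05T08:05:00Z alice SUCCESS 203.0.113.10 GB
"""


@dataclass
class Login:
    time: datetime
    user: str
    success: bool
    ip: str
    country: str


def parse_log(text: str) -> list[Login]:
    logins = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, result, ip, country = line.split()
        logins.append(Login(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
                            user, result == "SUCCESS", ip, country))
    return logins


def find_unusual_logins(logins, travel_window=timedelta(hours=4),
                        fail_window=timedelta(minutes=10), fail_threshold=2):
    """Return (user, alert type, detail, ip) tuples for:
      - a success preceded by >= fail_threshold failures within fail_window
        (password guessing that eventually worked),
      - a success from a country this user has never logged in from,
      - two successes from different countries closer together than
        travel_window ("impossible travel").
    The first success seen for a user only establishes the baseline; in
    production the baseline comes from stored history, not the same batch."""
    alerts = []
    seen = {}       # user -> countries already observed
    last = {}       # user -> (time, country) of the previous success
    failures = {}   # user -> times of failures since the last success
    for e in sorted(logins, key=lambda l: l.time):
        if not e.success:
            failures.setdefault(e.user, []).append(e.time)
            continue
        recent = [t for t in failures.get(e.user, []) if e.time - t <= fail_window]
        if len(recent) >= fail_threshold:
            alerts.append((e.user, "success after repeated failures",
                           f"{len(recent)} failures", e.ip))
        failures[e.user] = []
        known = seen.setdefault(e.user, set())
        if known and e.country not in known:
            alerts.append((e.user, "new country", e.country, e.ip))
        if e.user in last:
            prev_time, prev_country = last[e.user]
            if prev_country != e.country and e.time - prev_time < travel_window:
                alerts.append((e.user, "impossible travel",
                               f"{prev_country}->{e.country}", e.ip))
        known.add(e.country)
        last[e.user] = (e.time, e.country)
    return alerts


if __name__ == "__main__":
    for alert in find_unusual_logins(parse_log(SAMPLE_LOG)):
        print(*alert)
```

On the sample, bob's success at 08:31 after two failures and alice's login from BR an hour after her GB login are flagged; alice's return to GB the next day is not, because GB is now a known location and the gap is long enough to travel. Failed attempts are tracked per user so a single slow password spray across many accounts needs a separate, per-source-IP rule.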
Avoid Unnecessary Password Changes
Contrary to popular belief, forcing employees to change their passwords on a fixed schedule does little to secure company accounts and can actually weaken them. Users respond to forced rotation with predictable patterns (incrementing a digit, cycling through a few old favourites) and by writing passwords down, which an attacker exploits just as easily as the previous password. Current guidance such as NIST SP 800-63B recommends against arbitrary periodic changes for this reason.
Instead, require a password change only when there is evidence or reasonable suspicion that an account has been compromised. In that case reset every credential that may have been affected, including other accounts where the same password was reused, and revoke the account's existing sessions so the attacker is actually locked out.
Do Not Store Passwords in Plaintext Documents
It is bad security practice to store or pass around passwords within the company in plain text: keeping them in Excel or Word files, pasting them into wikis or chat, or emailing credentials to colleagues. An attacker who gains access to the company network can find such passwords with a simple search for words like "password", and the same search is an effective internal audit. Shared credentials belong in a password manager or secrets vault that encrypts them at rest and controls who can read them, and they should be handed over only through channels built for secrets. Systems that verify passwords should not keep the password at all, only a salted hash produced by a slow algorithm such as bcrypt, scrypt or Argon2.
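An added example (written for this page, not the article's own tooling) of the "simple search" an attacker or an internal audit would run: it looks for credentials in the forms they usually take in documents and config files, and ignores masked values and placeholders so the report is not drowned in false positives. The sample files are constructed.

```python
import re

# Regular expressions for the ways credentials usually appear in documents,
# mail and config files; the last capture group is the secret value.
PATTERNS = {
    "assignment": re.compile(
        r"(?i)\b(pass(?:word|wd|phrase)?|pwd|secret|api[_-]?key|token)\b\s*[:=]\s*['\"]?([^\s'\"]+)"),
    "url": re.compile(r"(?i)\b[a-z][a-z0-9+.-]*://[^\s/:@]+:([^\s@/]+)@"),
    "prose": re.compile(r"(?i)\bpassword\s+(?:is|for\s+.{1,40}?\s+is)\s+['\"]?([^\s'\".,]+)"),
}

# Values that are not live secrets: masked, placeholders, variable references.
PLACEHOLDER = re.compile(r"^(?:\*+|x+|<[^>]*>|\$\{?\w+\}?|%\w+%|\[[^\]]*\])$", re.I)

# Constructed sample documents, as an attacker or an audit might find them.
SAMPLE_FILES = {
    "onboarding.txt": "Welcome!\nThe password for the VPN is Summ3r2024!\nAsk IT if it does not work.\n",
    "servers.ini": "[db01]\nuser = admin\npassword = ********\n\n[db02]\nuser = admin\npassword = Tr0ub4dor&3\n",
    "deploy.env": "DB_URL=postgres://app:hunter2@db.internal:5432/app\nAPI_KEY=${VAULT_API_KEY}\n",
    "notes.md": "# Notes\nNo secrets here, just a reminder to rotate creds quarterly.\n",
}


def find_credentials(text: str) -> list[tuple[int, str, str]]:
    """Return (line number, pattern name, value) for each likely plaintext credential."""
    hits = []
    for n, line in enumerate(text.splitlines(), start=1):
        for label, pat in PATTERNS.items():
            for m in pat.finditer(line):
                value = m.group(m.lastindex)
                if PLACEHOLDER.match(value):
                    continue
                hits.append((n, label, value))
    return hits


def scan_files(files: dict[str, str]) -> dict[str, list[tuple[int, str, str]]]:
    """Scan a name -> content mapping; a real audit reads the files from disk."""
    report = {}
    for name, content in files.items():
        hits = find_credentials(content)
        if hits:
            report[name] = hits
    return report


if __name__ == "__main__":
    for name, hits in scan_files(SAMPLE_FILES).items():
        for line_no, label, value in hits:
            print(f"{name}:{line_no}: {label}: {value}")
```

The masked entry in servers.ini and the vault reference in deploy.env are skipped; the VPN password written out in prose, the live database password, and the credential embedded in a connection URL are reported with their line numbers so they can be moved into the vault and rotated.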