As discussed in Part 1, passwords provide protection by preventing unauthorized entry into websites, programs, and networks. Part 2 will discuss eight more best practices for your company’s password policy. Consult with an established managed IT services team to get the best results for your organization.

6) Lock Outs

Companies should lock out users after they unsuccessfully log in after a certain number of attempts to prevent continuous programmed attacks intended to crack passwords.

7) Never Share or Write Down

Employees should never tell anyone else their passwords. They should not even let anyone watch as they log in. In addition, passwords should not be written down.

8) No Dictionary Words

Cyber criminals use dictionary attack programs that run searches for dictionary words so using unusual or long words won’t be a defense.

9) Policy Enforcement

Alongside employee training, it is crucial for companies to enforce their password policies with consequences that may eventually lead to termination.

10) Refuse Offer to Remember

Although convenient, employees should be trained to refuse the offer of e-mail programs and browsers to remember their passwords.

11) Revise Annually

A good policy would be mandating that employees change their passwords annually.

12) Separate Symbols and Numbers

Symbols and numbers should be used separately in passwords to make it even more difficult for cyber criminals to crack them.

13) Software Solutions for Sensitive Data

For personal or financial information, companies should implement even stronger policies for additional protection from attacks. Utilizing password managers and tools should be strongly considered. Along with the storage of credentials, the majority of these programs also provide password generators that conveniently create passwords that are extremely difficult for cyber attacks to compromise. They should have the features below:

Generation of passwords that are random and complex

Two-factor authentication using both a password and a secondary method like a PIN code

Alpha Engineering Business Support

Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990 and offer:

• 24/7 Managed Services for Business Computing Systems
• Network and Mobile Computing Support
• Disaster Recovery Planning
• Software Development

For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at (410) 295-9500.