What should you change them to? What is a “good” password and how do you enforce these with your employees?
Here are some clear rules that you can instigate:
- Do not reuse passwords – as we have spoken about previously once an account or password is known criminals will use this combination to try and log into any system they can access.
- Do set a minimum password length of at least 8 characters. The more complex a password the longer it will take for someone to break it through brute force. Have a look at https://howsecureismypassword.net/ to see how secure your password is.
- Do not set a maximum password length.
- Ensure you can change passwords promptly when you or an employee knows or suspects they have been compromised. You don’t want anyone to access your system because you were too slow to stop it.
- Avoid choosing obvious passwords (such as those based on easily discoverable information like the name of a favourite pet). These could be found using publicly available information. Do you know what can be found out about you and your team? We offer individual and corporate internet investigation if you want to find out.
- Don’t allow common passwords — this could be implemented by technical means, using a password blacklist. These could be used in a dictionary attack.
What should you do?
Identify and change any passwords that do not meet these criteria.
This will depend on the systems that you are utilising as each of them will store and manage passwords differently.
#leighonsea #essexbusiness #essex #essexnetworking #itsupport #itsupportessex #cloudsolutions #galacticait #galactica #itsupportspecialist #itsupportservices #itsupportlondon #southendonsea #southendonseabusiness #cloudsolutionprovider #microsoft #microsoft365 #microsoftazure