Tech Tip * February 9, 2016
CyberInsecure – Password Policy
Look, we ALL are inundated with passwords for things in our personal and professional lives that get overwhelming. But best practices in business technology dictate clearly the need for some diligence on the user’s behalf to keep accidental organizational intrusion near zero. Here are two tips for password policy that every small and mid-sized entity staffer should embrace:
- Consider this – change your passwords like you are supposed to change your smoke detector batteries at home. I learned a long time ago to do that every time we change from Daylight Savings to Standard time and vice versa. But you can pick your own dates, just make sure at the least it is twice per year. Maybe using my method you can create a new internal slogan – “Spring forward and fall back your passwords!” You can add to it by requiring the last three passwords to be unique.
- I know this one makes people cringe, but think about multi-factor authentication. Here you log into a computer, network, cloud, and application, but are required to provide more that just typing a password. This could be a “smartcard”/token you carry or a biometric key like a retinal or fingerprint scanner. This option may well be everywhere soon enough – rumor has it becoming more of a requirement beginning this year.
You can also look into password management software as well. Oh, one other thing… if you are on a shared computer and asked if you want to save your password in a browser, don’t! More tech tips next week… ciao!