Password Best Practices

Here are a few hints on the proper use of passwords, processes and a password vault solution for organizations. Pay special attention to Multi-Factor Authentication (MFA) requirements if you are not using the TEKRiSQ provided solution. 

63% of confirmed data breaches leverage weak, default, or stolen passwords. Complex passwords can be hacked instantly. Password reuse across multiple applications is common. Using a standard password with addresses, children’s names, birthdays leaves you vulnerable to credential stuffing attacks and hacking.  

Where do you rate on password security? (questions for every business) 

1. Is every employee using a password vault throughout their day to day business? 
2. Have they enabled multi factor authentication (MFA) on their password vault? 
3. Is every employee automatically generating complex passwords (i.e. 20 characters, alphanumeric etc)?
4. Are employees using the autofill feature (i.e. no need to type passwords when logging into a website)?
5. If/when employees access client networks, do they store and manage these passwords? Is MFA required?
6.  If clients don’t require MFA for access, is it available? (Hint: a larger security concern must be addressed.) 

Make Sure Your Password Process Works. To discuss this issue more, contact TEKRiSQ here.