Password security is an important part of a larger security plan. Web-based applications can be accessed from anywhere in the world. With more and more facilities using web-based applications, we need to make sure employees are using secure passwords.
To secure our networks and applications, passwords must be strong enough that an attacker is unable to crack them. Attackers use computer programs to cycle through password variations until they come across the correct one. The strength of a password is determined by how easily they can do this.
Why Do I Need a Password Policy?
Creating a password policy for your business is critical in defining the criteria that employees use when creating passwords. We have written about that topic in Why a Password Policy Matters.
PCI Compliance Concerns
Protecting customer credit card information and customer personal data is a high priority. If your facility accepts credit cards, you must also have secure passwords to be compliant with PCI. The guidelines we discuss here will bring you into compliance with PCI standards. For more information on PCI compliance, view our article What Is PCI Compliance.
My Employees Can’t Remember Their Complex Passwords
The largest barrier to implementing secure passwords is the employee. Employees will find it difficult to remember complex passwords. If employees are having trouble remembering secure passwords, you should also check out our article on Using Password Managers.
Here are the Two Simple Rules to Follow for Password Security
Rule One: Password Length Guidelines
Passwords must be at least 8 characters long, no exceptions. Ideally, passwords should be 12 characters long. The more characters a password has, the more time it will take a would-be attacker to crack it.
Rule Two: Password Complexity Guidelines
Passwords must contain at least one character from each of the following groups:
- Lower case alphabet
- Upper case alphabet
- Special Characters
Remember that an attacker is typically looking for a relatively easy point of entry. Following these guidelines for password creation makes it very unlikely that an attacker will be able to crack a password within a reasonable amount of time and/or effort.
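The two rules above, written as a check that a signup or password-change form could run, plus the arithmetic behind Rule One's point that longer passwords take longer to crack. This is an added example, not code from the original article; the function names are illustrative, the sample passwords are constructed, and it assumes "special characters" means ASCII punctuation.

```python
import math
import string

MIN_LENGTH = 8           # Rule One: hard minimum
RECOMMENDED_LENGTH = 12  # Rule One: ideal length

# Rule Two groups. Assumption: "special characters" = ASCII punctuation.
GROUPS = {
    "lower case": string.ascii_lowercase,
    "upper case": string.ascii_uppercase,
    "special": string.punctuation,
}


def check_password(password):
    """Return the list of rule violations; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in GROUPS.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name} character")
    return problems


def search_space_bits(length):
    """log2 of the candidates an exhaustive search must cover for a
    randomly chosen password of this length over the three groups.
    Human-chosen words and patterns fall much sooner than this bound."""
    alphabet = sum(len(chars) for chars in GROUPS.values())  # 26 + 26 + 32
    return length * math.log2(alphabet)


def growth_factor(short, long):
    """How many times more candidates the longer length forces."""
    alphabet = sum(len(chars) for chars in GROUPS.values())
    return alphabet ** (long - short)


if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real system.
    for pw in ["kennel", "Tr0ub4dor", "Blue-Kennel!42"]:
        problems = check_password(pw)
        note = "" if len(pw) >= RECOMMENDED_LENGTH else " (below ideal 12)"
        print(f"{pw!r}: {'OK' if not problems else '; '.join(problems)}{note}")
    for n in (MIN_LENGTH, RECOMMENDED_LENGTH):
        print(f"{n} chars: about {search_space_bits(n):.1f} bits")
    print(f"12 vs 8 chars: {growth_factor(8, 12):,}x more candidates")
```

Going from 8 to 12 characters multiplies the exhaustive search by 84 to the fourth power, which is why the length rule does more work than any single extra character group.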
Currently, I own and oversee Shady Acres Pet Ranch and Fur Kids Grooming in Round Rock, Texas. In the past I have owned and managed Compassion Pet Sitting, one of the largest pet sitting services in the Austin, TX metro area.
I have also worked as an Executive in Fortune 50 and Startup Businesses for the last 18 years, providing me a strong foundation of Leadership, Business, Finance, Technology, and Marketing.