Employee Security Training

Password Management


Just like email, passwords are an intrinsic part of our digital experiences. These days, each individual has dozens of services that require a password.

These range from our social media accounts to our financial applications and the tools and services we use at work. Hence, password security and management have become an important part of digital security.

A multi-billion dollar industry now exists around managing passwords effectively and safely, through companies like LastPass, Dashlane, etc.

Ensure that the passwords you create and maintain are strong, stored safely, and changed periodically. Breaches of weak passwords, whether through poor storage or brute force, are common. In fact, the SolarWinds hack from 2020 was partially attributed to a weak password, solarwinds123, being used on an internal system that hackers got access to.

To ensure that internal systems used at the workplace have safe, strong, and confidential passwords, organizations should have a password policy in place. A good password policy should cover the following aspects of password management:

What Makes a Good Password:

1. Length of the password:
A good password should ideally be at least 8 characters long and use different types of characters (letters, numbers, special characters).

2. Password active duration:
Passwords can be changed regularly so that the chance of an old password being used across multiple systems is reduced, thereby strengthening the security of the systems.

3. Blocklist:
A good password policy can also include a blocklist of weak yet commonly used passwords. This ensures that employees don't end up choosing a weak password that makes the system potentially vulnerable.

4. Secure Storage:
To store passwords, it's advisable to use a password manager like LastPass or Dashlane rather than writing them in an Excel spreadsheet or on post-it notes. If the system is hacked or breached, passwords stored in a dedicated password management system would still remain safe, whereas passwords stored in plain text in note-making tools are a security risk.
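The first three policy items above can be enforced automatically when a password is set or reviewed. The following check is an added example, not code from the original article; the 90-day rotation period, the function names, and every blocklist entry other than solarwinds123 are assumptions made for illustration.

```python
import re
from datetime import date, timedelta

MIN_LENGTH = 8                  # from the article: at least 8 characters
MAX_AGE = timedelta(days=90)    # assumed rotation period; the article gives no number
# Constructed sample blocklist; "solarwinds123" is the weak password the article cites.
BLOCKLIST = {"solarwinds123", "password1!", "qwerty123!", "welcome2024!"}

# The three character types named in item 1.
CLASSES = {
    "letter": re.compile(r"[A-Za-z]"),
    "number": re.compile(r"[0-9]"),
    "special character": re.compile(r"[^A-Za-z0-9\s]"),
}

def normalize(pw):
    """Fold case and trim whitespace so 'SolarWinds123 ' still matches the blocklist."""
    return pw.strip().casefold()

def check_password(pw, last_changed, today=None):
    """Return a list of policy violations; an empty list means the password passes."""
    today = today or date.today()
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, pattern in CLASSES.items():
        if not pattern.search(pw):
            problems.append(f"missing a {name}")
    if normalize(pw) in BLOCKLIST:
        problems.append("on the blocklist of common passwords")
    if today - last_changed > MAX_AGE:
        problems.append(f"not changed in the last {MAX_AGE.days} days")
    return problems

if __name__ == "__main__":
    today = date(2024, 6, 1)    # fixed date so the sample run is reproducible
    samples = [                 # constructed (password, last-changed) pairs
        ("SolarWinds123", date(2024, 5, 1)),
        ("Password1!", date(2024, 5, 1)),
        ("t7#Kp!vz2Lq", date(2023, 1, 1)),
        ("t7#Kp!vz2Lq", date(2024, 5, 1)),
    ]
    for pw, changed in samples:
        print(f"{pw!r}: {check_password(pw, changed, today) or 'OK'}")
```

Note that "Password1!" satisfies the length and character-type rules and is rejected only by the blocklist, which is why the blocklist is a separate policy item.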

Srividhya Karthik

Srividhya Karthik is a seasoned content marketer and the Head of Marketing at Cyber Sierra. With a firm belief in the power of storytelling, she brings years of experience to create engaging narratives that captivate audiences. She also brings valuable insights from her work in the field of cybersecurity and compliance, possessing a deep understanding of the challenges and pain points faced by customers in these domains.
