Here’s How to Change Your Password Policy Now (so it works without being constantly irritating)

After speaking with an advisory firm whose management team requires employees to change certain passwords every three months, I was inspired to help firms establish practical and sane password policies. While password *strength* is vital to security, how often passwords are changed matters much less.

Here is a link to a super article Kevin Day suggests with tips from security experts about password management (thanks, Kevin!).

It is a short digest of password management, is super practical, and is entirely readable, so don’t be intimidated by the subject matter.   After reading, my hope is that you can help influence your management team to institute secure passwords in a way that won’t cause you angst.

Here’s an excerpt (Tip # 5), plus a fun cartoon (are you a fan of XKCD too?) to share with your system administrator to help get the point across.  Not only will they really appreciate it, your co-workers will appreciate you helping to create saner security policies!

Don’t Change Them So Dang Often

We’ve touched on this before, but it’s counterintuitive enough that it bears repeating: Don’t change passwords every month. And if you’re an IT admin, don’t force your employees to.

“Admins who set password policies are better off requiring longer passwords and letting users keep them for longer, rather than requiring them to change passwords every one or two months,” says Burnett. “This encourages users to have stronger passwords and avoids simple schemes like incrementing a number at the end of the password each time they have to reset it.”

Passwords are hard. They should be! But it’s better to go through the trouble of making one good one, and sticking with it, than to expect to be able to turn over that many special characters more often than you do the pages on a wall calendar.

[Image: XKCD cartoon, password_strength.png]

So imagine being the office hero, but instead of bringing in bagels, you help create better security while saving everyone from password headaches.

Please let us know if this article makes a difference to your policies!

Author

Jo Day

Jo loves learning about interesting problems and how people are solving them. Jo is well known for connecting people and ideas and is a great catalyst (moo!) to change. Where some people see the world through rose colored glasses, Jo sees the world through processes. When Jo isn't hanging out with her family, Jo's favorite hobbies are being anywhere outdoors and coming up with new business ideas – just for fun!