Implementing a Password Policy

Password1, 123456, Qwerty, Changeme.

These are just some of the most frequently used passwords.  As a business owner it's likely that you have invested to improve the security of your data and IT systems, but have you implemented a password policy?

Ultimately the strength of your security is as strong as your employees' passwords. Guessing a password could allow a "hacker" to gain access to emails and company data. Implementing a password policy is extremely important part of your overall IT Security Strategy. The password policy should serve as a set of rules to encourage your team to use strong passwords and update them regularly.

Here are some things to think about and could form part of your password policy:

• Passwords should never be written down on paper or on a computer.
• Passwords should never been sent via email.
• Never give anyone your password.
• Do not use the same password twice, as tempting as it may be!
• If you are suspiciously asked to provide your password in person or via a website speak to your IT Provider.
• Avoid using names of people or places, take a look at these most commonly used passwords, is yours on the list? Most used passwords.

As your IT Provider we are able to implement some technical changes to help:

• Set a minimum password length (at least 8 characters)
• Introduce a minimum password complexity by using a combination of lowercase, uppercase, numbers and special characters.
• Ensure passwords are changed every 60 days.

Thinking of creating a new password? This website will rate its strength before you make the switch. How secure is my password?

For more information and help with setting a Password Policy please feel free to get in touch.