Innovative Penetration Testing Services - Lean Security


Is Your “Secure” Password Policy Actually Secure?

While more and more of our private communication, health records and financial transactions are stored online, a strong password policy is our front line of defence to protect information. This kind of information, if in the wrong hands, can pose serious security risks and it’s more important now than ever for administrators to enforce a strong password policy.

Worldwide, 23.2 million people who used the password “123456” were hacked. This underlines that not only do users need to come up with stronger passwords, but administrators must also educate users on how to create these strong passwords. Here’s how to go about it.

Understand What A Secure Password Policy Is

A password policy is a set of rules that guides users to create strong and dependable passwords that will help improve computer security. Some password policies are simply guidelines that users are advised to follow but are not required to abide by; others set strict requirements that the user must adhere to.

While most people are aware of the security risks of keeping a simple password, it can be troublesome for them if the password policies are extremely strict and unfamiliar. Most users get so frustrated keeping up with the regulations that they create a password that just barely meets the requirements.

Enforce Using A Strong Password

The stronger the password, the higher the level of security you have. There are certain rules a password policy must have in order to generate strong passwords. While these rules are not set in stone, they are good at providing direction for users to create strong passwords that can’t be easily hacked.

The rules that every strong password policy must have include: a decent length, with a minimum of 8 characters; no personal information at all; and uniqueness from your previous passwords. The password should also include uppercase and lowercase letters, numbers and symbols.
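The rules above can be enforced in code when a user sets a password. The following is an added example, not code from Lean Security: the function names, the PBKDF2 iteration count and the sample user data are assumptions chosen for illustration. It also keeps the password history as salted hashes, so checking for reuse never requires storing old passwords in plain text.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8  # minimum length stated in the policy above


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, slow hash so the history never holds plaintext passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


def make_history_entry(password: str) -> tuple[bytes, bytes]:
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


def check_password(password, personal_info, history):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    classes = {
        "an uppercase letter": any(c.isupper() for c in password),
        "a lowercase letter": any(c.islower() for c in password),
        "a number": any(c.isdigit() for c in password),
        "a symbol": any(c in string.punctuation for c in password),
    }
    problems += [f"missing {name}" for name, ok in classes.items() if not ok]
    lowered = password.lower()
    # Personal details are matched case-insensitively; very short tokens are skipped
    for item in personal_info:
        if len(item) >= 3 and item.lower() in lowered:
            problems.append("contains personal information")
            break
    # Reuse check: re-hash the candidate with each stored salt, compare in constant time
    for salt, digest in history:
        if hmac.compare_digest(hash_password(password, salt), digest):
            problems.append("matches a previous password")
            break
    return problems


# Constructed sample user and history (hypothetical values, for illustration only)
PERSONAL = ["alice", "smith", "1990"]
HISTORY = [make_history_entry("Winter#2023x")]
```
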

Pass-Phrase Instead of Pass-word

Instead of using a password, users can use a pass-phrase. With growth in computing power and technology, cracking a word, even if it’s littered with numbers and symbols, is not that difficult for a computer that can run 300,000 possible password variations in a second.

A pass-phrase, however, something like “I-am-going-to-church-on-Sunday”, would have over one sextillion possible variations. Even a computer running 300,000 possible variations per second would require years to crack the pass-phrase. Pass-phrases are longer and much harder to guess, even for computers, and are also easy to remember for the average person.

Having trouble forming a “secure” password policy? Well, let us at Lean Security provide you with the assistance you need! Protect your vital information from hackers and scammers by engaging our penetration testing services.

We also cover mobile application penetration tests to ensure that the safety of your information is guaranteed! Contact us today for more details.