Cybersecurity Awareness Month is this month, so of course we need to highlight the importance of strong passwords. CISA lists 3 tips for strong passwords:
- Make them long – At least 16 characters
- Make them random – Use a random string of mixed-case letters, numbers, and symbols, or random words that form a passphrase
- Make them unique – Use a different password for every account
We agree with these bullets but know it can be hard to enforce this across an organization. Here are some ways to help ensure users are using strong passwords:
- IT departments can blacklist commonly used passwords. Some blacklisted passwords might include sports teams, the name of the organization, or keyboard patterns.
- Configure all systems to require passwords to be a certain length and have 4 of 4 complexity (symbol, capital letter, lowercase letter, and number).
- A password manager is a great way to abide by all of these rules without having to memorize so many long passwords! Additionally, a password manager can help generate these passwords, so they truly are random.
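
As an added illustration (not code from the original post), here is one way the blacklist, length, and 4 of 4 complexity rules above could be checked together when a user sets a password. The blocked terms, the placeholder organization name `examplecorp`, and the 5-key threshold for keyboard patterns are assumptions made for the example; the 16-character minimum is CISA's figure.

```python
import re

# Constructed sample blacklist; "examplecorp" is a placeholder organization name.
BLOCKED_TERMS = {"password", "yankees", "cowboys", "examplecorp"}
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
# Common character substitutions, undone so "P@ssw0rd" still matches "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
MIN_LENGTH = 16  # CISA: at least 16 characters
CLASSES = {  # the 4 of 4 complexity classes (ASCII-based)
    "lowercase": r"[a-z]", "uppercase": r"[A-Z]",
    "number": r"[0-9]", "symbol": r"[^A-Za-z0-9]",
}


def has_keyboard_walk(password, run=5):
    """True if `run` adjacent keys from one keyboard row appear, in either direction."""
    lowered = password.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in lowered:
                    return True
    return False


def check_password(password):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append("missing_" + name)
    # Match the blacklist against both the plain and the de-substituted form.
    forms = (password.lower(), password.lower().translate(LEET))
    if any(term in form for term in BLOCKED_TERMS for form in forms):
        problems.append("blocked_term")
    if has_keyboard_walk(password):
        problems.append("keyboard_pattern")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for demonstration only.
    for sample in ["P@ssw0rd!Yankees2024", "Qwerty12345!", "correct-Horse-battery-9-Staple"]:
        print(sample, "->", check_password(sample) or "ok")
```

The first sample shows why complexity rules alone are not enough: it is long and satisfies 4 of 4 complexity, yet is rejected because it is built from blacklisted terms.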