Three Password Policy Best Practices for Strong Security

Password policy best practices for strong AD security

A strong password policy is the first line of defense for critical business data against cyber criminals. However, the recent emphasis on stricter password policies, where passwords must be complex, lengthy and changed frequently, has left end users fatigued. Fatigued users respond by looking for the weakest password the policy will still accept, which defeats the purpose of the policy.

A robust password policy balances two requirements: passwords must be hard to guess or crack, and they must remain practical for users to remember and type. Here are a few password policy best practices that can be implemented in your organization.

Use Strong Passphrases

Although a passphrase and a password serve the same purpose, they differ considerably in practice. Complex passwords put the burden on the end user: they are hard to remember, and the short, pattern-based strings users pick to satisfy complexity rules (a capitalized word with a digit and a symbol appended) are often easy to crack. A passphrase, several unrelated words strung together, is long, sufficiently varied and much harder to brute-force, yet easy for the end user to remember.

Minimize Regular Password Changes 

Enforcing a mandatory password change every 30 or 60 days can actually do more harm than good. When users are forced to change passwords that often, they tend to choose predictable variations of the previous password (incrementing a number, swapping a symbol), which weakens security rather than improving it. Keep the mandatory interval long, and force a change when there is reason to believe a password has been compromised rather than on a short calendar schedule.
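The following PowerShell is an added example, not code from the original article: it applies the passphrase and change-frequency advice from the two sections above as an Active Directory fine-grained password policy (FGPP). It requires the ActiveDirectory RSAT module and rights to create objects in the domain's Password Settings Container. The policy name, the target group and the sample account `jdoe` are assumptions; the numeric values are illustrative choices, not settings the article prescribes.

```powershell
# Added example (not from the original article): enforce long passphrases and a
# long rotation interval through a fine-grained password policy.
# Assumed names: policy 'Passphrase-Standard-Users', group 'All-Staff', user 'jdoe'.
Import-Module ActiveDirectory

$PolicyName  = 'Passphrase-Standard-Users'   # assumed
$TargetGroup = 'All-Staff'                   # assumed; FGPP subjects should be global security groups

$settings = @{
    Name                            = $PolicyName
    Precedence                      = 100                        # lower value wins if several FGPPs cover a user
    MinPasswordLength               = 15                         # long enough that a passphrase is the natural choice
    MaxPasswordAge                  = (New-TimeSpan -Days 365)   # not 30/60 days: expiry forces a reset once a year
    MinPasswordAge                  = (New-TimeSpan -Days 1)     # stops cycling through history back to the old password
    PasswordHistoryCount            = 24
    ComplexityEnabled               = $true
    ReversibleEncryptionEnabled     = $false
    LockoutThreshold                = 10                         # online guessing is stopped by lockout, not by rotation
    LockoutObservationWindow        = (New-TimeSpan -Minutes 15)
    LockoutDuration                 = (New-TimeSpan -Minutes 15)
    ProtectedFromAccidentalDeletion = $true
}

# Create the policy once and bind it to the group.
if (-not (Get-ADFineGrainedPasswordPolicy -Filter "Name -eq '$PolicyName'")) {
    New-ADFineGrainedPasswordPolicy @settings
    Add-ADFineGrainedPasswordPolicySubject -Identity $PolicyName -Subjects $TargetGroup
}

# Verify what a member of the group actually gets. An FGPP overrides the
# Default Domain Policy; an empty result means no FGPP applies to the account
# and the settings from Get-ADDefaultDomainPasswordPolicy are in effect.
Get-ADUserResultantPasswordPolicy -Identity 'jdoe' |
    Select-Object Name, Precedence, MinPasswordLength, MaxPasswordAge, ComplexityEnabled, LockoutThreshold
```

The same settings can be applied domain-wide instead with `Set-ADDefaultDomainPasswordPolicy`, but an FGPP lets you raise the length requirement and relax the rotation interval for ordinary staff while keeping a separate, stricter policy for privileged accounts. Always confirm the resultant policy on a real account after the change; a user covered by two FGPPs receives only the one with the lowest precedence value.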

Enforce Passwords to Meet Complexity Requirements 

Simple passwords fall quickly to brute-force and dictionary attacks. Enabling password complexity requirements adds a check beyond the basic length and account-lockout settings. In Active Directory, the "Password must meet complexity requirements" setting applies these rules:
  • The password can't contain the user's account name, or any part of the user's full name that is three or more characters long.
  • The password must contain characters from at least three of the following categories: upper-case letters, lower-case letters, digits, and symbols (Windows also counts letters from scripts that have no upper or lower case as a fifth category).
Complexity rules alone do not stop predictable patterns such as a capitalized word followed by a digit and a symbol, so they should reinforce a generous minimum length rather than replace it.
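To see what the complexity setting accepts and rejects before rolling it out, here is an added example (not part of the original article) that re-implements the Windows complexity rule locally in PowerShell and runs it over a constructed list of candidate passwords for a sample account. The account name `jdoe`, the display name `John Doe` and the candidates are all constructed for the example; the domain controller remains the authoritative check when a password is actually set.

```powershell
# Added example (not from the original article): a local re-implementation of the
# "Password must meet complexity requirements" rule, for policy design and user
# guidance. Sample account and candidate passwords are constructed.
function Test-PasswordComplexity {
    param(
        [Parameter(Mandatory)] [string] $Password,
        [Parameter(Mandatory)] [string] $SamAccountName,
        [string] $DisplayName = ''
    )
    $reasons = New-Object System.Collections.Generic.List[string]

    # Rule 1: the complexity rule itself requires at least six characters;
    # the policy's MinPasswordLength normally raises this much further.
    if ($Password.Length -lt 6) { $reasons.Add('shorter than 6 characters') }

    # Rule 2: must not contain the account name (compared case-insensitively).
    if ($Password.IndexOf($SamAccountName, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
        $reasons.Add("contains account name '$SamAccountName'")
    }

    # Rule 3: must not contain any part of the full name of three or more
    # characters. Windows splits the display name on commas, periods, dashes,
    # underscores, spaces, pound signs and tabs, and ignores tokens under 3 chars.
    $tokens = $DisplayName -split '[,.\-_ #\t]+' | Where-Object { $_.Length -ge 3 }
    foreach ($token in $tokens) {
        if ($Password.IndexOf($token, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            $reasons.Add("contains name part '$token'")
        }
    }

    # Rule 4: characters from at least three of five categories.
    $chars = $Password.ToCharArray()
    $categories = 0
    if (@($chars | Where-Object { [char]::IsUpper($_) }).Count -gt 0) { $categories++ }
    if (@($chars | Where-Object { [char]::IsLower($_) }).Count -gt 0) { $categories++ }
    if (@($chars | Where-Object { [char]::IsDigit($_) }).Count -gt 0) { $categories++ }
    # Letters without case (for example CJK scripts) form the fifth category.
    if (@($chars | Where-Object { [char]::IsLetter($_) -and -not [char]::IsUpper($_) -and -not [char]::IsLower($_) }).Count -gt 0) { $categories++ }
    # Anything that is neither letter nor digit: symbols, punctuation, space.
    if (@($chars | Where-Object { -not [char]::IsLetterOrDigit($_) }).Count -gt 0) { $categories++ }
    if ($categories -lt 3) { $reasons.Add("only $categories of 5 character categories") }

    [pscustomobject]@{
        Password = $Password
        Passes   = ($reasons.Count -eq 0)
        Reasons  = ($reasons -join '; ')
    }
}

# Constructed candidates for the assumed account jdoe / "John Doe".
$candidates = @(
    'P@ssw0rd',                       # accepted: 4 categories, yet a well-known cracking-dictionary entry
    'JohnDoe#1',                      # rejected: contains the name parts 'John' and 'Doe'
    'jdoe-Summer2024!',               # rejected: contains the account name (and 'Doe')
    'correct horse battery staple',   # rejected: lower-case letters plus spaces is only 2 categories
    'Correct horse battery staple'    # accepted: capitalizing one word gives the third category
)
$candidates |
    ForEach-Object { Test-PasswordComplexity -Password $_ -SamAccountName 'jdoe' -DisplayName 'John Doe' } |
    Format-Table -AutoSize
```

Two results are worth pointing out to users. A password such as `P@ssw0rd` satisfies every complexity rule and is still one of the first guesses any cracking tool tries, which is why length matters more than character mix. And a lowercase passphrase separated by spaces fails the rule on category count alone; capitalizing a single word or adding a digit makes the passphrase acceptable without hurting memorability. The function takes plain strings because it is meant for testing policy design against throwaway candidates, not for processing real credentials.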
A strong password policy, combined with two-factor authentication (2FA), keeps most attackers at bay and safeguards your systems. Keep these points in mind when putting together a robust password policy for your organization.