A strong password policy is something that is extremely important, but often not put into place. When a company has a weak password policy or no password policy, there is potential for a major security breach in the network.
There are two main components of a strong password policy – using a complex password and having a lock out policy. In order to create a complex password, users should choose a combination of u
pper and lowercase letters, numbers and symbols. A minimum number of characters should also be in place to make passwords harder to guess. In addition, users should refrain from using the same password for different accounts.
A lock out policy ensures that a Brute Force attack cannot take place. Brute Force hackers use software that allows them to attempt thousands of passwords on an account within seconds. Enabling a lock out policy prevents this from happening by “locking” the user’s account after a certain nu
mber of incorrect password attempts. Once the account has been locked, an administrator will have to unlock it before the user can attempt to login again.
Having these two recommended components will strengthen the password policy on your network and reduce the chance of your network getting breached.