17 February 2020
5 Password Policies to Up Your Security
by Marco Bravo
Complex passwords can save users from being hacked.
Password policy enforcement generally refers to a number of different items, including the following five best practices:
- Length of Password – A password that worked a couple of years ago is a weak password today. Increasing
your password length will keep your users’ devices more secure. Many IT admins now advise that passwords be a
minimum of 12 characters, but we suggest increasing that to an 18-character minimum.
- Alphanumeric Characters – Requiring upper and lowercase characters and numbers greatly increases the
complexity of the password. Alphanumeric characters also increase the potential combinations of passwords,
making it even more difficult for a password, and thus a device or account, to be hacked.
- Special Characters – To increase the level of password complexity, require special characters in all
passwords. This password policy alone adds another 32 characters that can be utilized to strengthen passwords. In
combination with alphanumeric characters, each character in a password could have 94 different choices. Better yet,
make that password 18 characters long and you have 1.78e119 combinations. Word to the wise: It’s more
secure to have long passwords with many different character choices rather than just long passwords that contain
only letters.
- Password Aging – If your organization is required to age passwords after, say, 90 days, then you’ll want to
leverage this enforcement capability and have all users update their passwords every three months. As a general
rule of thumb: Updating passwords to at least the same length and complexity after a set timeframe can only help
to increase online security.
- Password Lockout – Another security mechanism that we advise adopting is the password lockout, that is,
locking a user out of his or her account after too many incorrect attempts to log in. The password lockout helps
prevent hackers from brute-forcing their way into users’ accounts.
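The five policies above can be enforced in a few lines of code. The sketch below is an added example, not code from the article: the 18-character minimum, the 32 special characters and the 90-day age come from the text, while the function names and the lockout threshold of 5 failed attempts are assumptions.

```python
import string

# 18 and 90 come from the article; MAX_FAILURES = 5 is an assumed threshold.
MIN_LENGTH = 18
MAX_AGE_DAYS = 90
MAX_FAILURES = 5
SPECIALS = set(string.punctuation)  # the 32 printable ASCII special characters


def policy_violations(password):
    """Return the length and character-class rules the password breaks."""
    checks = [
        (len(password) >= MIN_LENGTH, f"shorter than {MIN_LENGTH} characters"),
        (any(c.islower() for c in password), "no lowercase letter"),
        (any(c.isupper() for c in password), "no uppercase letter"),
        (any(c.isdigit() for c in password), "no digit"),
        (any(c in SPECIALS for c in password), "no special character"),
    ]
    return [msg for ok, msg in checks if not ok]


def is_expired(changed_at, now):
    """Password aging: True once the password is older than MAX_AGE_DAYS."""
    return (now - changed_at) > MAX_AGE_DAYS * 86400


class LockoutTracker:
    """Counts consecutive failed logins per account; locks at MAX_FAILURES."""

    def __init__(self):
        self.failures = {}

    def record(self, user, success):
        if self.is_locked(user):
            return False  # a locked account is refused even with the right password
        if success:
            self.failures.pop(user, None)  # a good login resets the counter
            return True
        self.failures[user] = self.failures.get(user, 0) + 1
        return False

    def is_locked(self, user):
        return self.failures.get(user, 0) >= MAX_FAILURES


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw in ("Summer2020!", "correct-Horse-7-battery-staple"):
        print(pw, policy_violations(pw) or "meets policy")
```

In this sketch a locked account stays locked until its counter is cleared by an administrator or a timed unlock, neither of which is shown.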
tags: password - policies - security