Security News > 2020 > February > Tips for a Smarter Approach to Password Policy

As the technology and tools to leverage stolen credentials advance, a more thoughtful approach to your organization's password policy is a highly effective way to reduce risk by better protecting your customers, network assets, and employees.

Defenders can augment traditional password policy best practices with the ability to take action based on indicators observed within the cybercrime underground.

Use a Password Manager - While in many circles it's become conventional wisdom, it bears repeating: password managers are an easy, efficient way for users to maintain unique passwords for each account.

On the contrary, forcing users to frequently come up with new passwords can encourage them to reuse a password they're already using for another account or simply make a slight modification to an existing password.

The most effective policy is to only reset passwords known to have been exposed in breaches, which can be accomplished by monitoring for compromised credentials and simultaneously make users comfortable with using complex passwords or phrases.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/zEmjvxG3dUo/tips-smarter-approach-password-policy