(727) 692-7055
Pentasys Corporation
  • Home
  • About Us
    • Our Clients
    • Our Methodology
    • Our Partners
    • Our Projects
    • Our Team
  • Services & Solutions
    • Network Support
    • Managed Services
    • Business Continuity & Disaster Recovery
    • Security
    • Development Services
    • Cloud Solutions
    • Business Consulting
  • Blog
  • Client Portal
  • Contact Us
  • Menu Menu

Your passwords are not secure

Security

A password policy designed for federal agencies must be secure, right? Surprisingly, that hasn’t been the case according to the National Institute of Standards and Technology (NIST). On the hook for the password best practices that we still use today — the combination of letters, capitalizations, and numbers — NIST admits that the existing guidelines were misguided. Find out why and how it involves you.

The problem

The issue isn’t necessarily that NIST advised people to create passwords that are easy to crack, but it did steer people into creating lazy passwords, using capitalization, special characters, and numbers that are easy to predict, like “P@ssW0rd1.”

This may seem secure, but in reality, these strings of characters and numbers could easily be compromised by hackers using common algorithms.

To make matters worse, NIST also recommended that people change their passwords regularly, but did not define what it actually means to “change” them. Since people thought their passwords were already secure with special characters, most only added one number or symbol.

NIST essentially forced everyone, including you and your colleagues, to use passwords that are hard for humans to remember but easy for computers to guess.

The solution

One cartoonist pointed out just how ridiculous NIST’s best practices were when he revealed that a password like “Tr0ub4dor&3” could be cracked in only three days while a password like “correcthorsebatterystaple” would take about 550 years.

Simply put, passwords should be longer and include nonsensical phrases and English words that make it almost impossible for an automated system to make sense of.

Even better, you should enforce the following security solutions within your company:  

  • Multi-factor Authentication – which only grants access after you have successfully presented several pieces of evidence
  • Single Sign-On – which allows users to securely access multiple accounts with one set of credentials
  • Account Monitoring Tools – which recognize suspicious activity and lock out hackers

When it comes to security, ignorance is the biggest threat. If you’d like to learn about what else you can do to fortify security, just give us a call.

Published with permission from TechAdvisory.org. Source.

October 19, 2017/by Pentasys Corporation
Tags: 2017october19security_c, account monitoring, multi-factor authentication, password security, security best practice, single sign-on
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Vk
  • Share on Reddit
  • Share by Mail
https://www.pentasys.net/wp-content/uploads/2017/10/2017October19Security_C_PH.jpg 300 900 Pentasys Corporation https://www.pentasys.net/wp-content/uploads/2015/12/logo.jpg Pentasys Corporation2017-10-19 20:00:162017-10-19 20:00:16Your passwords are not secure
You might also like
Office 365 users face new phishing scam
Google releases year-long security study

Recent Posts

  • Assess risks before buying new softwareJuly 5, 2018 - 8:00 PM
  • What to do in case of a website breachJune 28, 2018 - 8:00 PM
  • SMB routers targeted by VPNFilter malwareJune 20, 2018 - 8:00 PM
  • Apple WWDC 2018: News and updatesJune 19, 2018 - 8:00 PM
  • Hide & Seek malware: What you need to knowJune 15, 2018 - 8:00 PM
  • Chrome: From HTTP to HTTPSJune 14, 2018 - 8:00 PM

Post Categories

Archives

Say goodbye to complex IT holding your business back

We make IT simple

Get IT Support that works

Interesting links

Here are some interesting links for you! Enjoy your stay :)

Pages

  • Home
  • About Us
  • Services & Solutions
  • Blog
  • Citrix Demo
  • Contact Us
  • FREE Security Assessment
  • Privacy Policy
  • Support Center
  • Thank You!
  • Network Support
  • Our Clients
  • Managed Services
  • Our Methodology
  • Business Continuity & Disaster Recovery
  • Our Partners
  • Our Projects
  • Security
  • Development Services
  • Our Team
  • Cloud Solutions
  • Business Consulting

Categories

  • Apple
  • Business
  • Business Continuity
  • Business Intelligence
  • Business Value
  • Google
  • Healthcare
  • Internet Social Networking and Reputation Management
  • Office
  • Security
  • Social Media
  • Web & Cloud

Archive

  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
© 2023 Pentasys Corporation All Rights Reserved. | Website Hosting by K.Tek Systems Inc.
  • Privacy Policy
5 computer tips that add hours to your dayCisco to predict IT failures using AI
Scroll to top