Monday, March 15, 2021

What Is a Password Policy? How to Create a Strong Password?

Security policies are essential at every stage of digital operations. Because of the increase in cyber-attacks, companies now take security very seriously. It is not just about installing anti-virus software on systems: companies want security controls on every input and output of their devices, and they require every user to update their systems with the latest security patches. There are many ways to safeguard against attacks. Password policies are another common control, since a password is required to log in to almost every online or offline portal and is the most frequently used means of checking a user's authenticity.

A password policy is the set of rules and regulations used to validate the security of systems. For strong passwords, follow the policies below:

  • Implement a password history policy – A password history policy stores old passwords so that the same password is not reused again and again. It should be implemented to cover the last 10 passwords. Many login pages do not allow users to set a password they have used before. With this policy, attackers are unable to use an old password in a “password guessing attack”.
  • Short-age password policy (minimum password age) – Bank sign-in pages, for example, give passwords a very short age. This policy is generally used to keep brute-force attacks at bay. A minimum age helps prevent attackers from learning the password. The minimum password age should be three to seven days, which makes passwords less likely to be compromised. If a password change is not completed on the endpoint, it is the administrator's responsibility to change it.
  • Maximum password age policy – Companies should follow this policy strictly because it forces users to change their passwords regularly. For the best security, companies should require a password change every 90 days.
  • Minimum password length policy – This policy sets the minimum number of characters a password must contain. The minimum password length should be eight characters, because longer passwords are harder to crack. For high security, set a minimum length of 14 characters. Changing default configurations is also very important.
  • Create passwords with complexity – A password must be complex. Requiring special characters helps ensure password complexity.
  • Password audit policy – A password audit policy lets you track password changes. By monitoring modifications, you can track potential security risks. It helps ensure accountability and provides evidence in the event of a data breach.
  • Reset passwords – According to cyber experts, resetting passwords is a very good practice that reduces exposure to password attacks. Passwords should be reset every 180 days, and service account passwords should be reset at least once a year.
  • Password auditing policy – This policy tracks all password changes and notifies users to change their passwords. It also helps in tracking potential security risks.
  • Email notifications – Every user checks their email account regularly. A reminder sent to the email account prompts the user to change passwords regularly.
  • Using reversible encryption – Reversible encryption stores the password in plaintext form. This method is used where the password is changed frequently or must be known by the administrator. Reversible encryption uses CHAP (Challenge Handshake Authentication Protocol).
  • Use strong passphrases – Passphrases work the same way as passwords but are much stronger. A passphrase is at least 15 characters long and should contain upper- and lower-case letters, special characters and numbers. Passwords are normally easy to crack, whereas a passphrase takes a long time to crack when someone is after the login credentials of the target website.
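The length, complexity, history and age rules from the list above, expressed as a password-change checker. This is an added example, not code from the original post; the function names, the PBKDF2 settings and the stored-history format are assumptions made for illustration.

```python
import hashlib, hmac, os, string
from datetime import timedelta

# Thresholds come from the policy list above; names and PBKDF2 settings are assumptions.
MIN_LENGTH = 8                 # use 14 for high-security accounts
HISTORY_DEPTH = 10             # remember the last 10 passwords
MIN_AGE = timedelta(days=3)    # minimum password age (three to seven days)
MAX_AGE = timedelta(days=90)   # maximum password age

def hash_password(password, salt=None):
    """Return (salt, digest) so the history holds salted hashes, not plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest

def complexity_errors(password, min_length=MIN_LENGTH):
    """List every length and character-class rule the password breaks."""
    errors = []
    if len(password) < min_length:
        errors.append(f"shorter than {min_length} characters")
    classes = {
        "uppercase letter": string.ascii_uppercase,
        "lowercase letter": string.ascii_lowercase,
        "digit": string.digits,
        "special character": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            errors.append(f"missing {name}")
    return errors

def check_change(new_password, history, last_changed, now, min_length=MIN_LENGTH):
    """history is a list of (salt, digest), newest last; returns the violations."""
    errors = complexity_errors(new_password, min_length)
    if now - last_changed < MIN_AGE:
        errors.append("minimum password age not reached")
    for salt, digest in history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(hash_password(new_password, salt)[1], digest):
            errors.append("matches one of the last 10 passwords")
            break
    return errors

def is_expired(last_changed, now):
    """True once the password is older than the maximum age."""
    return now - last_changed > MAX_AGE
```

An empty list from `check_change` means the new password is accepted; a scheduled job can call `is_expired` to drive the email reminders the list mentions.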

Conclusion:

A good password policy helps users stay safe from hackers. To learn more about password policies and other topics related to hosting and domains, connect with HTS Hosting, the best hosting company in India, which provides Windows shared hosting and Linux dedicated hosting.

Source: https://www.htshosting.org/knowledge-base/website-security/55/what-is-password-policy-how-to-create-strong-password
