As I’m sure you are aware, yesterday, May 4th, was World Password Day — that special day when we collectively take a moment to reflect upon the strength of the measures we take to ensure our digital privacy and security. But amidst the hectic holiday hustle and bustle of special characters and correcthorsebatterystaple-s¹, it can become all too easy to lose sight of the true meaning of the holiday: protecting your sensitive data from malicious actors.

World Password Day

1 Password Strength. Photo via www.xkcd.com

Of course, strong passwords are an essential condition of any effective attempt to secure access to your organization’s data, but without the support of strong organizational policies to manage your employees’ passwords, your users and your company will remain vulnerable to intruders. Therefore, to celebrate the true spirit of World Password Day, let’s look at some of the ways to make sure your secure passwords are more than strong gates in crumbling walls.

Password Managers

Good password management software is essential. There’s no reason to create a strong password if you’ll leave it in plain sight by sticking it to your monitor, and a Rolodex full of passwords stored in your desk drawer is hardly more secure. Instead, store it using a secure digital service designed for that purpose. Password management solutions also often feature random password generators, automatic login functionality, and ways to share credentials securely, without giving another user your password. When considering a solution for your organization, look for one that will allow administrators to set restrictions and requirements on your employees’ passwords, to help ensure that all users have at least a minimum of password strength.

Two-Factor Authentication

While a strong password can force an intruder to get creative in his or her attempts to access your data, any password can be cracked. Two-factor authentication adds another layer of security by forcing a hacker to possess something of yours, like a USB dongle, one-time code, mobile phone, or retina. Hence, a user’s credentials would be useless to an intruder who does not also have physical access to the two-factor authentication device.

IP Range Restrictions

If your employees work in a defined location, or if you use a company VPN, you may want to consider restricting the range of IP addresses from which an individual may access your systems. This would force a malicious actor to first have access to your location or your network before attempting to break your password. Note: strong physical security and guest/visitor facility access policies are a must.
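The check described above, as an added Python example that is not part of the original post: the source address is tested against the allowed ranges before the password is ever evaluated. The ranges are constructed documentation addresses, and `source_allowed` and `gate_login` are hypothetical names.

```python
import ipaddress

# Constructed sample ranges (RFC 5737 / RFC 3849 documentation blocks) standing
# in for an office egress range and a VPN pool; substitute your own.
ALLOWED_NETWORKS = [
    ipaddress.ip_network("203.0.113.0/24"),    # hypothetical office egress
    ipaddress.ip_network("198.51.100.64/26"),  # hypothetical VPN pool
    ipaddress.ip_network("2001:db8:10::/48"),  # hypothetical IPv6 office range
]


def normalize(peer_ip):
    """Parse the connection's peer address, or return None if it is not an IP.

    Dual-stack listeners report IPv4 clients as ::ffff:a.b.c.d; unwrap those
    so they are compared against the IPv4 ranges instead of silently missing.
    """
    try:
        addr = ipaddress.ip_address(str(peer_ip).strip())
    except ValueError:
        return None
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def source_allowed(peer_ip, networks=ALLOWED_NETWORKS):
    """True only if peer_ip parses and falls inside an allowed range."""
    addr = normalize(peer_ip)
    if addr is None:
        return False  # fail closed on anything unparseable
    return any(addr.version == net.version and addr in net for net in networks)


def gate_login(peer_ip, check_password):
    """Apply the network restriction first; check_password is a callable that
    is invoked only for allowed sources, so outside addresses cannot be used
    to guess passwords at all."""
    if not source_allowed(peer_ip):
        return "denied_network"
    return "ok" if check_password() else "denied_password"
```

Pass in the address taken from the TCP connection or from a reverse proxy you operate; a client-supplied header such as `X-Forwarded-For` can be set to any value by the sender.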

Education

Ultimately, your organization’s data is only as secure as your employees make it. Education is critical not only because it can teach your employees how to better protect themselves and the company, but also because it helps them understand the reasoning that drives your password policies. Enthusiastic adoption is key — otherwise, your employees will see these restrictions as a burden, and find more creative ways to beat them. Help your employees understand that they are essential elements in the fight to protect your company’s data, and reap the rewards of a more secure environment.

Happy World Password Day!

1 https://xkcd.com/936/