Defining a strong password policy:
Almost 63 percent of hackers targeting SMB's take advantage of weak passwords and out of this, 93 percent of hackers take just few mins to identify the passwords and compromise accounts.
Password's are the first step towards effective IT security management, hence to keep your password's strong and secured here are few password security best practices to be followed by users and enterprises,
- Keep your passwords lengthy and complex.
- Combination of alphabets, numbers and special characters are difficult to compromise.
- Avoid using personal references like date of birth, surname, etc., as passwords.
- Use different passwords for different accounts.
- Avoid using adjacent keywords like "qwerty" or "asdzxc" and more common terms like "password" or "username".
- Don't write down your password anywhere.
- Have an expiry duration for the password's, so users will continuously update them.
- Avoid checking ON the "Remember me" option while login in to your account.
- Employing a password manager tool can help if there are multiple accounts with different type of passwords.
We at ManageEngine have developed customized scripts for defining strong passwords for machine level policies.
The below script will assist in setting up a strong password policy for client system, once the current password expires, the new password will abide to the previously defined password policy.
Steps for defining the password:
- Navigate to configuration-> ScriptRepository
- Click on Templates tab.
- Select Script PasswordPolicies.bat and Add the script to repository.
- Then, go to Repository and select the PasswordPolicies.bat to be executed.
- Create configuration for the selected script.
- Give appropriate arguments by reading the script description.
- Define the target and deploy.
OS Support: Above Windows XP and server OS 2003.