Implementing Password Policy on Managed Device
First of all, what is a password policy?
Password policy is a set of rules that enforce strong passwords and security practices around the usage within an organization. The password policy may include minimum password length, complexity requirements, special characters, etc.
The password policy improves the security of corporate data stored within the mobile devices, systems, and networks under the scope of the enterprise.
However, many organizations lack the appropriate security measures required for today’s cyber landscape. The fact that is nowadays, still people using simple, insecure passwords such as 12345678, qwerty, 12341234, etc. from the most popular passwords of 2020 at the top chart. Thus, these can be mitigated with the help of an airtight password policy.
Best practices for a password policy
The password security policy can be set on how often the employees are allowed to use old passwords. By doing so, it can reduce the chances of employees for using previously used passwords. The employee should enter a minimum of at least 3-5 unique passwords.
The IT team have to set an expiry date for the passwords used by the employees on their work devices. The passwords on work devices should be updated regularly to improve the security of your organization data. Set a password age so that this is possible and employees can update their passwords on their own volition.
Setting up a complex password which is hard to guess and therefore harder to crack. A solid complex password should be at least six characters, should not contain any username elements (such as your first name), and should use several types of characters — lower case and upper case, numbers, and symbols such as! * + etc.
The length of the password is important in determining the strength of a password. As such being the case, defining the total length of the password is crucial for organizations that should ideally include 12 characters but can be up to 16 to add to its complexity and security.
Include the account lockout policy which determines the amount of time the device will remain locked out after a certain number of invalid password entries. You can select the ideal lock-out period that should be initiated after the maximum number of erroneous password attempts has been made.