September 30, 2020

Passwords are a key player in the data security landscape. But they are also one of the most vulnerable. They’re the backbone to any good cyber security strategy but can also be the biggest threat to an organization’s well-being.

Weak password management can leave enterprises vulnerable to data loss and privacy violations. Organizations must enforce strong password management policies as part of their larger identity governance initiatives.

Why Your Organization Needs Password Management

A recent SailPoint survey found that 75 percent of people reuse passwords across different accounts, which include both personal and work. It’s no wonder that about three quarters of today’s data breaches come from mishandling of passwords.

Poor password hygiene is one of the number one reasons for data breach. This is where having a good password management strategy comes in.

What is password management?

Password management is the security practice of creating, storing, managing and organizing your passwords, in order to safeguard against unauthorized access and breach of information.

We’ve provided the top five best practices when it comes to password management.

Password Management Best Practices

Strengthen your passwords

Your password’s strength against cyber-attacks is highly dependent on its complexity. The more complex your password, the harder it will be for hackers to infiltrate your accounts.

Creating long, complex, and unique passwords prevent hackers from cracking your code. Strong passwords are usually more than eight (maybe even 12) characters, contain upper and lowercase characters, and use different numbers and symbols.

If you think you’ll have trouble remembering your password, there are a couple of mental models that can help, like using the first characters of a memorable phrase.

For example, let’s take the popular idiom, “time flies when you’re having fun.” Your password could be “TfWYhF238#9%.” This password contains more than eight characters, upper and lowercase characters, as well as multiple numbers and symbols.

Some password management evangelists suggest using passphrases instead of passwords. Passphrases are like passwords, but uses a sentence, series, or combination of words and contain more characters. They can also contain numbers and special characters.

Implement Multi-factor Authentication

Multi-factor authentication adds another layer of security and protection beyond just entering a password.

Multi-factor Authentication (MFA) is an authentication method that authenticates or grants user access to applications, websites, data bases, etc. after presenting two or more pieces of evidence (factors) to verify their identity. It helps identify and verify the user logging in by requiring both a password as well as other forms of identity.

Multi-factor authentication is predicated on the factors of:

  • Something you know: Password or pin number
  • Something you have: Smartphone, mobile phone, or token
  • Something you are: fingerprint or face recognition

A subset of multi-factor authentication is two-factor authentication. This method requires two forms of authentication from the three factors of something you know, something you have, and something you are, in order to verify your identity. For example, you may need to enter your password and a code on your authenticator app in order to gain access to a system.

Never Use the Same Password

While it might seem like an easy option to reuse the same password for multiple applications and devices, what happens when that password is stolen? The hacker can gain access to all your accounts, both personal and work related. Your one mistake of using the same password could seriously compromise your company.

Make sure to create a different password for each of your accounts. By making each password or passphrase long and unique, you’re greatening the lengths they would have to go through to hack into your account.

Protect Privileged User Accounts and Passwords

Privileged user access is the act of granting some employees a higher level of access to data or applications. Privileged passwords are credentials that get you into those privileged accounts.

These accounts and credentials should be stored within a privileged access management platform because of the highly sensitive information.

Store Passwords in a Password Manager

Password managers take the burden off of remembering multiple passwords by storing and creating new and unique passwords for different accounts.

A password manager is software that stores all your passwords but is locked by a different master password. This master password should be long, unique, and extremely difficult to crack. Password managers also encrypt your data, so hackers won’t be able to gain access.

Enterprises need a strong password management program that automates password assistance and resets, as well as a robust identity governance solution that control governance and security issues.

SailPoint Password Management

SailPoint’s password management solution provides comprehensive password management across all your applications, is secure with enhanced password policy flexibility and assignment based on the user lifecycle, and integrates with multi-factor authentication providers.

SailPoint Predicative Identity can help your organization.

Take control of your cloud platform.

Learn more about SailPoint and Password Management.

Get Started Today