The FBI provides weekly computer security tips for individuals and businesses through its Protected Voices program. Today, it is offering six tips in partnership with the National Institute of Standards and Technology (NIST) to secure its computer network against password hacking...
1 It's the length that counts
Require long passwords or secret phrases of at least 15 characters, not requiring upper case, lower case or special characters.
2 No changing passwords without a reason
Do not force password changes if there is no reason to believe that the network has been compromised.
3 No words from the dictionary
When creating passwords, filter them with dictionary words and passwords known to have been compromised. This will force the user to find another, more secure password. This system can be set up by the company's system administrator.
4 No limitation in the number of tests
To prevent a denial of service attack (when the IT department no longer responds due to an overload of requests) against your email service, do not lock a user's account after a number of incorrect login attempts. If a hacker floods your network with deliberately incorrect login information, your users will not be excluded from their accounts.
5 No clues, sorry!
Do not allow clues to retrieve a password.
6 Yes to password manager
If necessary, use a password management program. These programs store all your passwords in one place and some programs even create strong passwords for you. So the only password to remember is the manager's password.
Of course, if this master password is discovered, the entire security of the passwords is compromised. But according to the FBI, many IT professionals agree that the benefits of a password management program far outweigh the risk.
