How to Strengthen and Manage Passwords

By Eric Noonan • December 12, 2017

In today’s world, strong, unique passwords are a necessity. Whether it is a domain administrator password for an organization or a personal online banking account, it is crucial to safeguard information with a robust password that makes unauthorized access to any account or system harder.

The Old Standard for a Secure Password is No Longer Sufficient

In a recent interview, Bill Burr shared that he regrets some of the recommendations he made back in 2003 regarding what makes a good password. In retrospect, he surmised, humans generally have difficulty generating strong passwords.

As a refresher, Mr. Burr wrote NIST Special Publication 800-62, Appendix A in 2003. This document essentially defined a strong password as a mix of upper and lowercase letters, numbers, and special characters. These days, a password needs other attributes to be considered strong.

What Not To Do

It is rather mind-boggling that some folks use the most simplistic passwords for business and personal use. Even in this era of security breaches and data loss, common – and incredibly weak – passwords include “password”, “12345678”, and “qwerty” (http://www.computerworld.com/article/3024404/security/worst-most-common-passwords-for-the-last-5-years.html).

Why does this happen? According to the 2017 version of the NIST Special Publication 800-62, “Research has shown … that users respond in very predictable ways to the requirements imposed by [password] composition rules” (NIST, 2017).

Bottom line: People can and should do better at creating and managing passwords.

What To Do

Two solutions can help you and your organization support better password creation and management. They are:

  • Two-Factor Authentication (2FA) – 2FA is based on using something a user has and something a user knows to authenticate him or her. A perfect example of 2FA is an ATM. To get money out, a user must insert his ATM card (something he has) and enter a PIN (something he knows). While 2FA used to be applicable only to organizations, many online services such as Gmail, Facebook, and Amazon now allow a user to enable 2FA to further secure access to his or her personal accounts. The website https://www.turnon2fa.com/ provides easy-to-follow tutorials on how to enable 2FA on these services.
  • Password Manager – A password manager such as the open-source KeePass (http://keepass.info/) or the enterprise-level CyberArk privileged account management (PAM) solution provides a cryptographically secure repository and the ability to generate passwords that are random, complex, and long. (Having your web browser remember your password is not a password manager.) A password manager delivers a mechanism to securely store and generate strong passwords so that a user does not have to remember them. In the case of CyberArk, there are also many other features, such as automatic password rotation, privileged session monitoring, and integration with applications for App to App account management.
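
To make the point about composition rules concrete, here is an added example (not from the original post, and not KeePass or CyberArk code). It shows passwords that satisfy the 2003-style character-mix rule while being predictable variants of the common passwords named above, next to a password drawn from a cryptographically secure random source. The function names, the substitution table, and the three-entry blocklist are assumptions made for illustration.

```python
import secrets
import string

# Constructed sample blocklist: the three passwords named in the article.
COMMON = {"password", "12345678", "qwerty"}

# Assumed table of substitutions users typically apply to satisfy composition rules.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e",
                      "1": "i", "!": "i", "$": "s", "5": "s"})

def meets_2003_rules(pw, min_len=8):
    """Old-style composition check: upper, lower, digit and special character."""
    return (len(pw) >= min_len
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw))

def base_word(pw):
    """Undo predictable mangling: trailing digits/symbols, capitals, substitutions."""
    core = pw.rstrip(string.digits + string.punctuation)
    return core.lower().translate(LEET)

def is_predictable(pw):
    """True if the password, or its de-mangled core, is on the blocklist."""
    return pw.lower() in COMMON or base_word(pw) in COMMON

def generate_password(length=24):
    """Long random password from the OS CSPRNG, screened against the blocklist."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not is_predictable(pw):
            return pw

if __name__ == "__main__":
    for candidate in ["P@ssw0rd1!", "Qwerty123!", generate_password()]:
        print(f"{candidate!r}: passes 2003 rules={meets_2003_rules(candidate)}, "
              f"predictable={is_predictable(candidate)}")
```
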

CyberSheath specializes in the deployment and customization of CyberArk’s PAM solution to fit each customer’s specific use case – and we can help you build the solution that meets your organization’s unique needs. Contact us today for your free assessment.
