It’s All About Security
Everybody and every publication is finally pushing the need for tighter security. What’s lacking in much of what you read is the balance necessary between security and usability. If we make the network so secure that our teams can’t get any work done, it’s useless.
This year, Quo Vadis will be encouraging our clients to embrace Microsoft’s Password Guidance. Many of you may be reading in your own trade journals about the idea of passwords with no expiration. We agree! Our goal is password diversity to provide the best security. Today’s general password policies actually do the opposite of our intended goal.
A University of North Carolina study found 17% of new passwords could be guessed in five tries or less, given the old password. And almost 50% could be guessed in a few seconds of un-throttled guessing! So much for diversity.
Two-factor authentication (2FA) is crucial to the security plans of the future. By way of reminder, two-factor authentication uses two out of three factors to confirm your identity.
- Something you know (like your password)
- Something you have (like your mobile phone)
- Something you are (like your face or fingerprint)
I use 2FA for my Amazon account, my online banking, my email, remote access… everything I can. You should too!
Here are our recommendations to move forward.
- Don’t use your business credentials outside work.
- Use two-factor authentication whenever possible.
- Use biometrics whenever possible.
- Invest in a password manager.
- Don’t store passwords in your browser.
- Don’t reuse passwords!
- Keep your operating system and application software updated. (We can do this for you.)
We will be reaching out to you shortly to remove your password expirations.