Tip of the Week: Phoenix Technology Solutions Include Passwords Keeping Your Data Safe
Every week MyTek offers tips for Phoenix technology solutions for local businesses. This week, the topic is passwords. Passwords are always a major pain point for businesses, but in some industries, their importance is emphasized more than others. In particular, government-based organizations need to be prepared to keep more secure passwords. While we understand that not all organizations are government-based, there’s something to be said about proper password practices that we can all learn something from.
Best Practices for Phoenix Technology in Business Changes Rapidly
The United States’ National Institute of Standards and Technology (NIST) has issued new password recommendations and standards for government officials, and everyone can stand to benefit from at least considering the recommendations--even in the business sector. Some of these might seem a bit odd compared to what professionals typically say about passwords but bear with us. MyTek's Tip of the Week is always a great source to keep you updated on best practices for Phoenix technology in business news. Keep in mind, these recommended practices are new and not supported on all sites and login accounts. Here are just a few of them:
- Make the Passwords User-Friendly: Above all else, under the regulations of NIST, passwords should be user-friendly and place the burden on the verifier whenever possible. NakedSecurity explains this further by elaborating that forcing best practices upon users doesn’t always help: “Much research has gone into the efficacy of many of our so-called “best practices” and it turns out they don’t help enough to be worth the pain they cause.” MyTek can support your company with best practice employee implementation as a part of the Phoenix technology solutions we offer to our clients. After all, your security policies are only effective if they are implemented.
- Use a Minimum of 8 Characters: NIST’s new guidelines suggest that all passwords have a bare minimum of eight characters. This can include spaces, ASCII characters, and even emojis. The maximum number of characters is also indicated at 64.
- Cross-check poor password choices: NIST recommends that users stay away from well-known or common passwords, like “password,” “thisisapassword,” etc.
Let's Be Practical About Real Life Application of Phoenix Technology Solutions - Not only are there changes that need to be made, but there are others to avoid:
- Composition rules aren’t great: Stop trying to tell your employees what to use in their passwords. Instead, encourage users to use passphrases that are long and alphanumeric in nature.
- Ditch password hints: This is one you might not have heard of. NIST asks that password hints be removed, as anyone trying to break into an account can use their knowledge of the target to overcome this barrier and change a password (or find out the current one). The same can be said for knowledge-based authentication involving questions about the user’s personal life. Also keep in mind that replicating the same password for numerous accounts is a big no-no - just one of those real life Phoenix technology solutions that have big impact on your day to day business data safety.
- No more password expiration: This goes back to the “user-friendly” aspect of passwords mentioned earlier. The only time passwords should be reset is if they are forgotten, phished, or stolen.