Password Guidelines and IT Security
Cybersecurity experts like NIST now discourage organizations from implementing strict password policies, such as minimum length and complexity requirements and regular password changes. Their reasoning is clear: The workarounds users resort to in the face of strict policies are more harmful than looser password requirements. For example, if users do not need to frequently reset their passwords, they do not need to write them down.
But you don’t have to sacrifice the security of having strong password requirements — provided you give users a tool that makes complying with them easy and convenient: a password manager.
This white paper explores this vital paradigm shift, covering:
But you don’t have to sacrifice the security of having strong password requirements — provided you give users a tool that makes complying with them easy and convenient: a password manager.
This white paper explores this vital paradigm shift, covering:
- How traditional password requirements lead to user confusion and overload
- The insecure workarounds that users resort to as a result
- How this situation led standards bodies like NIST to recommend looser password policies
- How password managers enable organizations to avoid insecure practices without lowering their standards
- How Netwrix Password Secure can help