Strong passwords: 6 best practices for corporate networks

A single password can violate your entire IT architecture. Any access to the corporate network is a direct entry to your databases, interdepartmental processes, and codes. For this reason, strong password management is essential in IT departments. 
 
Strong password policies are a key factor in the digital transformation of companies. These allow you to maintain access control in hyper-digitized work environments, where cloud solutions and remote jobs are common. 
contraseñas seguras
 
In this sense, the Systems team must promote logins best practices. All this through robust authentication protocols, and other credential security measures. According to statistics, 55% of a company’s personnel do not know how to maintain the hygiene of their passwords, or the proper management of them.
 
In the following article, we present you 6 best practices for the management of passwords.

6 best practices for strong passwords in corporate networks

Many employees misuse their passwords. This, in part, is caused by a large number of tools they must access on a daily basis. And on the other hand, it is also caused by ignorance about the various techniques of cybercriminals.
 
Due to this situation, systems must establish access protocols with automatic compliance. And thus, eliminate vulnerabilities caused by human management. 
 
Regardless of your strategy for ensuring strong passwords, you should consider these practices: 

# 1 The perfect login

End-user logins are the favorite target of crackers and other cybercriminals. For this reason, it is necessary to design login screens with various cybersecurity tactics to ensure authentication. You should limit the range of action of the attackers to prevent them from advancing in your systems, but without affecting the experience of legitimate users. 
 
 In this sense, experts recommend the integration of the following features into logins.
 
  • Discretion: Although many platforms alert when the user types erroneous data, it is recommended to reduce the clues to a minimum. This implies, to avoid the indications and to offer additional information on the use of capital letters; as well as the warnings by non-existent or erroneous emails during the login process. 
  • Proper passwords: Require users to use passwords with 8 or more characters. They must include lower case, upper case, numbers, and signs. The superficial complexity, created by regular users, also plays an important role in the implementation of strong passwords. 
  • Control keyloggers: Reinforce security with automatic filling protocols to mislead keyloggers. You can use password managers on your organization’s computers and delete logins from external devices. 
  • Limit the number of attempts: Reduce the number of login attempts. Financial sector usually allows users three login attempts before blocking the login screen. Statistically, more than three failed attempts suggest the presence of a cracker. 

# 2 Rotation of credentials

Say goodbye to permanent passwords. Especially if they are the key of applications with sensitive information, such as financial data, customer databases and industrial processes.
In this respect, the credential rotation is the best way to have secure and current passwords. It changes the access keys from time to time, in order to reduce the possibilities of crackers, keyloggers and other threats.
 
It is recommended to change credentials after the workday. With the implementation of this protocol, embedded codes must also be eliminated. Without a doubt, the credential rotation is a very useful tool for IT administrators’ accounts.

# 3 Double Authentication Factor (2FA)

With IAM software you can request 2FA protocols from all users. The dual factor authentication allows you to guarantee the physical identity of your employees. And in this way, you can keep bots, hoppers, and illegitimate users away. 
 
If your business has a large digital infrastructure and valuable digital assets, it is recommended to request passwords and the use of USB tokens, face recognition or voice recognition before entering certain applications.

# 4 Remove hard-coded configurations

Eliminate the practice of hard-coded passwords. You must clean the keys embedded in applications and scripts. We recommend you to use a REST interface capable of working with the various languages of your systems such as Java, .NET, Perl, and others.

# 5 random characters 

It is always advisable to generate corporate network passwords and then distribute them to end users. In this case, random characters are the best way to build strong passwords.
 
Avoid at all costs phrases related to the company, local references, and other concrete ideas easy to crack.
 

# 6 Password management plan

Draw up a password management plan. And run it with an access management platform. Identify the vulnerabilities in your logins, and from there implement solutions in each weak point of the corporate network. To control activities at each stage, consider the steps that users must take. In this way, your company can guarantee strong passwords.
 
The Bomgar Software for Secure Access is one of the most reliable tools in the market for access control. Contact us to clarify all your doubts about credential security.

To see the credits of the images, Here