The disconcerting increase in cyber crime since the beginning of the Covid crisis along with adding Policies to our Adoptech Vendor Policy Builder causes us to reflect on how approaches and best practice has evolved. A current example would be with passwords. Devolutions.net has kindly provided some thoughtful insight with their 10 Password Management best practices blog post.
It is interesting to note how password best practice has changed even in the last few years. Implementation of a password manager seems to be readily acceptable along with cutting and pasting a password (when used with a password manager). The advice is now no longer to regularly change passwords but to change passwords after evidence of a compromise. Frequent changes to passwords tend to encourage weak passwords.
One that I will take with me going forwards is moving from “Leetspeak” to the use of Passphrases. We are @11 9u1lty of employing this approach with our password creation. It is far better to use phrases. Felix Boulet at Devolutions cites an example: “My Purple Dog, Paul, Loves When I Play Frisbee With Him”. As you can see, it is wiser to choose a passphrase that doesn’t make logical sense and is not associated with the user (i.e. the user in this example does not have a dog, purple or otherwise).
If you wish to know more about our policy builder, password policy, or any of the up to 80 policies you might require to be enterprise-ready and adopted as a technology vendor, get in touch.