29 August 2018

No, eight characters, some capital letters and numbers is not a good password policy


Bad passwords are one of those problems that never goes out of fashion, and sure enough, in a recent audit (26 per cent) of  Active Directory passwords were found to be somewhere between easily guessed and downright lamentable.

Among these, ‘Password123’ was in use by 1,464 accounts, ‘Project10’ by 994, ‘support’ by 866, ‘password1’ by 813, and ‘October2017’ by 226, to pick only the top five worst offenders in popularity order.

In one particularly epic fail, the auditors said they were able to remotely access a test environment for the agency’s web system using the password ‘Summer123’.

So, puhleaze: choose your passwords carefully, no simple ones, complexity is the key, and no reuse of passwords either! If you need help: contact Donline.


No comments:

Post a Comment