When it comes to passwords you need to understand that this is an automated process that hackers use to find known vulnerabilities on firewalls, servers and PC’s, so the goal is to be stronger than the other network.  Corporate networks and financial institutions have greatly strengthened their networks so hackers have moved to the small and midsized networks.  However their time is money.  If it takes them hours to find a single venerability they will move on.  But once they are in your network they will spend a lot of resources trying to gain access to computers with password hacker programs.  Once they gain access to a computer they are either looking to find valuable information or to use your network to attack additional networks.

Quality Firewall and strong passwords are only a part to your network security.  If you have more questions please ask for an evaluation.  Below are some basic recommendations for passwords for your server and PC’s.  These Practices evolve over time and you must continue to evaluate regularly as hackers find new ways to exploit networks.

 Password Best Practice

  1. Password Length – Strong Passwords need to be 14 characters or longer, think Passphrase instead of password.  Passwords over 14 characters have many more permutations because they can be one work or multiple.
  2. Upper and Lower Case – passwords are case sensitive so upper and lower.  However it is common for people to capitalize the first letter, so best practice is to use caps in addition to the first letter
  3. Numbers and special characters – You Can use ` ~ ! @ # $ % ^ & * ( ) _ + – = { } | [ ] \ : ” ; ‘ < > ? , . / and 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 however it is common for people to use what is called “Character Substitution” where they use a @ to substitute and a or a 1 or ! for an I.  This will not strengthen your password.  Because these are common the potential hacker has included these in their list of passwords to attempt.
  4. Requiring passwords to be changed.  Changing your password will not protect you from getting hacked but if you are hacked it may stop reentry to your network.  If you’re on an Active directory network you can enforce this to be a requirement.
  5. Locking a user after multiple wrong attempts – password hacker’s use an automated tool to retry user name and password combinations.  By locking the users after 3 or 4 bad attempts will limit the possibility of retries and lengthens the time that it takes to find combination. – If you are on an active directory domain this can be enforced by the server.

There is a balance between network security and usability.  The more secure your network can create creates limits to what the users can do.  This can cause some headaches.  Future Link IT takes a balanced approach to protect your network and streamline the restrictions to the things you need access to.

For a security evaluation Please contact Chris Higgins 224-523-8000



Pin It on Pinterest

Share This