Security Corner

Nov 22 2011   1:59AM GMT

Five essential steps to mitigating password attack threats



Posted by: Ken Harthun
Tags: Password best practice, Password Management, Threat mitigation

After a bit of a hiatus on my studies for various certifications, I have gotten back into the swing of things and found a bit of wisdom that I wanted to share. From a Network Admin perspective, here are five essential password policies that will help you mitigate the threat of password attacks on your network:

  1. Do not allow the same password to be used on multiple resources. If an attacker manages to get one password, he will then have them all if the same password is used on more than one resource.
  2. Lock out a user account after a set number of failed login attempts. This defeats brute-force password cracking attempts.
  3. Do not allow cleartext storage of passwords. Self-explanatory.
  4. Use strong passwords. Repeat: use strong passwords. Alternative: encourage passphrases. “mykittenpreferswhiskas” is very hard to guess, but easily remembered.
  5. NEVER, NEVER, NEVER allow default passwords to remain on devices on your network. “Admin/admin” is too easy and is one of the first things a cracker will try. On any new device, immediately change the default username and password.
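
Policies 2 and 3 are the two that an application enforces in code. The sketch below is an added example, not part of the original post: it stores only salted PBKDF2 hashes and locks an account after repeated failures. The class name `Authenticator`, the threshold of 5 and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 5      # assumed threshold; the post only says "a set number"
ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor


class Authenticator:
    """Keeps salted password hashes (never cleartext) and locks an
    account after MAX_FAILURES consecutive failed logins."""

    def __init__(self):
        self._users = {}     # username -> (salt, derived key)
        self._failures = {}  # username -> consecutive failed attempts

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def register(self, username, password):
        salt = os.urandom(16)  # per-user salt: equal passwords hash differently
        self._users[username] = (salt, self._hash(password, salt))
        self._failures[username] = 0

    def is_locked(self, username):
        return self._failures.get(username, 0) >= MAX_FAILURES

    def login(self, username, password):
        """Return 'ok', 'denied' or 'locked'."""
        if username not in self._users:
            return "denied"
        if self.is_locked(username):
            return "locked"  # refuse even the correct password while locked
        salt, stored = self._users[username]
        # Constant-time comparison avoids leaking how many bytes matched.
        if hmac.compare_digest(stored, self._hash(password, salt)):
            self._failures[username] = 0
            return "ok"
        self._failures[username] += 1
        return "locked" if self.is_locked(username) else "denied"

    def unlock(self, username):
        """Administrative reset once the lockout has been reviewed."""
        self._failures[username] = 0
```

A production system would also log each lockout and persist the failure counters so that a restart does not reset them.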

Seriously, these are so obvious that I haven’t even written about them all in one post before. I confess that I have sometimes forgotten one or more of them.

Don’t get complacent. Fix these now.
