Steps to make passwords more effective
Weak passwords are a component of one of the most common attacks vectors a penetration tester can leverage to breach an organization. For organizations of any size or sector, strong and secure passwords are a critical line of defense against malicious attackers and evolving TTPs. However, the complexity of ensuring passwords is impenetrable can often lead to a false sense of security while countless vulnerabilities are left unchecked.
Three simple steps to quickly improve password effectiveness are:
- Think of them as “passphrases” rather than “passwords.” Combining a series of words, as opposed to just one or two words, instantly makes it more difficult for attackers to breach the account.
- Leverage special characters within passwords and passphrases, especially spaces. Many people don’t realize that including space is a simple way to remain one step ahead of attackers.
- Utilize enhanced multi-factor authentication mechanisms, such as SMS text messages, especially for email and collaboration channels like Slack and Microsoft Teams.