Passwords are virtual keys that safeguard data stored in email, social media, and online banking accounts. Unfortunately, some business leaders might be unaware of the dangers weak passwords pose to their company.
Weak passwords make companies vulnerable to breaches that jeopardize a business's reputation. Implementing strong password policies that set the rules for password length and character type contributes towards preventing costly attacks.
It’s far easier for criminals to log in to a company than to hack in and weak passwords create attack paths that provide access to an organization. Another security issue facing companies is password reuse.
This happens when staff create new accounts for applications but don’t make new passwords for them. Password reuse increases risk because one compromised password can give an attacker access to several applications and the wider corporate network.
Weak reused passwords are gold dust to cyber criminals
Reused passwords tend to be short and easy to remember. These passwords often have 12 or fewer characters, with eight being the most common. They are also susceptible to brute force attacks.
A brute force attack happens when a hacker takes a list of passwords such as qwerty, 123456, abcdef123, a123456, {Brand Name}123, password, and systematically tests them against a list of user emails to gain access to accounts.
Organizations find it difficult to detect compromised accounts until an attack is underway.
Systems administrators know that robust password policies strengthen their organization’s resilience against cybercriminals because when it comes to password hygiene users are often their worst enemies.
Password auditing is a rigorous inspection
Active Directory is an important tool that helps systems administrators identify shortfalls and ensure appropriate controls are in place. There are three reasons systems administrators perform an audit with Active Directory.
These include an attempt to understand the system under inspection, a measure of the system's compliance against an established standard, and a baseline creation that measures the impact of change in security policies.
Specops created a whitepaper that shares tips on how systems administrators can eliminate risky passwords from their organization. It introduces an audit tool that scans your Active Directory for password-related vulnerabilities.
