#8. Offer an easy password selection guide
Use an easy password selection guide to help users create strong, yet easily remembered passwords. The guide could suggest that users start with the title of a favorite movie, book, or item from any popular category and add characters to form a new password. "That way it can be easy to remember what characters are capitalized and where the punctuation marks should go, such as with the password Ghost^Busters!2?," says John Zurawski, vice president at Authentify.
#9. Require longer, stronger passwords
With the newfound ease of creating memorable passwords, users should be less averse to using longer, stronger passwords. Here's why longer, more complex passwords help.
Hackers don't attack passwords manually by guessing at character combinations but rather use brute-force attack software to crack passwords. "A 16-character password with upper-case and lower-case alpha characters, numerals, and symbols could withstand 10 or 12 days of concentrated brute force attacks, possibly more," says Zurawski. That may be long enough.
"Typically when hackers steal password files, they settle for cracking 60 to 90 percent of the passwords on multiple passes through the file before selling the results and moving on. If your password is among the 10 or 20 percent that are the most resource-intensive for the hacker to crack, the probability that you will remain safe is high," says Zurawski. Extending password length is a simple policy change.
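As an added illustration of tip #9 (not code from the article or from Authentify), the following Python estimates the exhaustive-search work for a password under a given length policy and checks a candidate against a minimum-length/minimum-classes rule; the guess rate of 1e11 per second is an assumed figure, and the estimate covers only exhaustive search, not dictionary or rule-based cracking, so it is an upper bound on attacker effort.

```python
import math
import string

# Character classes a brute-force search must cover. Sizes are the
# printable ASCII classes: 26 + 26 + 10 + 32 = 94 symbols in total.
CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation),
}

def classes_used(password: str) -> int:
    """Number of character classes the password draws from."""
    return sum(1 for chars in CLASSES.values() if any(c in chars for c in password))

def charset_size(password: str) -> int:
    """Size of the smallest union of classes that contains every character."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def brute_force_bits(password: str) -> float:
    """Bits of work for exhaustive search over the password's alphabet and length.
    Empty or all-non-ASCII input has no measurable alphabet here and returns 0."""
    size = charset_size(password)
    if size == 0 or not password:
        return 0.0
    return len(password) * math.log2(size)

def exhaustive_search_years(password: str, guesses_per_second: float = 1e11) -> float:
    """Years to enumerate the whole keyspace at an assumed guess rate
    (1e11/s is a constructed assumption, not a figure from the article)."""
    keyspace = charset_size(password) ** len(password)
    return keyspace / guesses_per_second / (365 * 24 * 3600)

def meets_policy(password: str, min_length: int = 16, min_classes: int = 3) -> bool:
    """Policy in the spirit of tip #9: long first, with several classes as a floor."""
    return len(password) >= min_length and classes_used(password) >= min_classes

if __name__ == "__main__":
    # The article's own example password versus a short, single-class one.
    for pw in ("Ghost^Busters!2?", "password"):
        print(f"{pw!r}: {brute_force_bits(pw):.1f} bits, "
              f"{exhaustive_search_years(pw):.2e} years, policy ok={meets_policy(pw)}")
```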
#10. Employ full disk encryption on company laptops
A fully encrypted laptop hard drive that requires a user password at boot-up helps protect the enterprise against data theft and misuse when a laptop is lost or stolen. "You can achieve this kind of rollout in months," says Zurawski.