Evolve Your Communications With 3CX Phone System
Attackers are very clever and there are multiple techniques to crack passwords that they can use. Hackers can easily find tools on the internet. The following makes password security easier for your users while improving your system security as a result.
If you are not currently taking precautions on passwords Contact us now so we can see how we can help.
HOW PASSWORDS ARE CRACKED...
We can help improve your system. Contact us today for help.
Passwords can be intercepted as they are transmitted over a network
Automatic guessing of millions of passwords until the correct on is found.
IT Infrastructure can be searched for electronically stored password information.
Insecurely stored passwords can be stolen - this includes handwritten passwords hidden close to a device. (ex. In your top drawer of your desk next to your computer)
Personal information, such as name and date of birth can be used to guess common passwords.
Observing someone typing their password.
Attackers use social engineering techniques to trick people into revealing passwords.
An installed keylogger intercepts passwords as they are typed.
...HOW TO IMPROVE YOUR SYSTEM SECURITY
HELP USERS COPE WITH "PASSWORD OVERLOAD'
Only use passwords where they are really needed
Use technical solutions to reduce the burden on users
Allow users to securely record and store their passwords
Only ask users to change their passwords on indication of suspicion of compromise.
Allow users to reset passwords easily, quickly and cheaply.
HELP USERS GENERATE APPROPRIATE PASSWORDS
Put technical defenses in place so that simpler passwords can be used.
Steer users away from predictable passwords - and ban the most common.
Encourage users to never re-use passwords between work and home.
Train staff to help them avoid creating passwords that are easy to guess.
Be Aware of the limitations of password strength meters.
Black list the most common passwords
Monitor failed login attempts...train users to report suspicious activity.
Prioritize administrator and remote user accounts.
Don't store passwords in plain text format.
Change all default vendor supplied passwords before devices or software are deployed.
Use account lockout, throttling or monitoring to help prevent brute force attacks.