How to Protect Passwords and Foster Cyber Hygiene Within The Organisation

 - Sakshi Post

On World Password Day, Matt Shelton, Director, Technology Risk and Threat Intelligence at Mandiant, provides some key points that can help in fostering cyber hygiene within the organisation.

  • Whenever possible, use Multi-Factor Authentication (MFA), prioritizing banking, email, and social media accounts. Hardware tokens like YubiKey and software tokens like Google Authenticator are more secure than SMS-based MFA. SMS-based MFA is still more secure than just using a password!
  • Enterprises should disable mobile-push on employee MFA tokens. Mandiant has observed an increase in threat actors abusing mobile-push functionality over the last several years.
  • Practice good password hygiene by using complex and long passwords that are unique for each site you visit. A strong password doesn't have to be difficult to remember as long as it's long! Consider using a long phrase that's easy to remember.
  • Consider using a password manager to store unique and complex passwords for every site you visit. When choosing a password manager, use an industry-recognized provider and never store your passwords in a document on your desktop!
  • There's no longer a need to change passwords on a regular basis as long as you practice good password hygiene. Instead, change your password when you know a site you have an account on has been breached. Many password managers will proactively alert you when this happens.
