[12 DAYS OF PASSWORDS | 3 MIN READ] Scratching your head not knowing what passwords to use the next time you need to generate a considerable amount of new passwords for clients? We have a piece to the puzzle where we identify four types of passwords NOT to use for your next password rotation.
Refrain from using these 4 password types...
When thinking of new passwords, refrain from using values known to be commonly-used, expected, or compromised, a National Institute of Standards and Technology (NIST) study reveals.
NIST established 4 main types of passwords that are easily cracked:
- Passwords obtained from previous breach (don't just tack a '1' at the end)
- Dictionary words (eg. 'apple')
- Repetitive or sequential characters (e.g. ‘aaaaaa’, ‘1234abcd’)
- Context-specific words, such as the name of the service, the username, and derivatives (e.g. 'MSP1', 'password1', 'ADMIN')
MSP Quick Tip Takeaway...
- Still don't what passwords to use? Implement a password tool to help automate password generation at any frequency. Saves the hassle and alleviates technician time!
- 12 Days of Passwords: Educate Your MSP on Cybersecurity & Password Best Practice
- 12 Days of Passwords: Use Multi-Factor Authentication (MFA)
- 12 Days of Passwords: Access Management to Privileged Credentials
- 12 Days of Passwords: Four Password Types Not To Use (You're already here!)