[DidYouKnow-31] Enforce password policy

The need for an effective password policy is undeniable, that I have to admit that I almost feel dubious even writing an article on the subject. It is very important for an organization to follow various aspects of the password.

The following are the aspects that need to be considered seriously:

Complexity, Length, Strength, and Expiration.

Passwords are the first line of protection against any unauthorized access to your application, devices or any for that matter. The administrator as part of the organization can enforce the password to consists of characters as described above.

Educate users to manage their passwords in a simple way:

Having said that, it would be absurd for users to remember a password like “eC<My!ch,quaj^of)naD}uM}rIewYUer>Ap[Ek}E*quaC.eib(Tyb” which is VERY secure. It contains almost every element of a strong password.

But how many users will remember a password like this? Chances are a strong password like this is written down on a piece of paper glued to the user’s monitor or underneath their keyboard. It might be even hidden among the random items on the users’ desk.

User can instead relate their passwords to something they can easily remember, like a favorite sport or location. For instance, “I love playing volleyball” can be “ILuvPlay!ngVoLLeyb@ll91”. Secure and also easily remembered by users.

From ServiceDesk Plus, administrators can enforce a password policy that would apply to local authentication.