I Have to Change My Password Again?

My good friend, Scott Driza, from DocBuilder.com Incorporated recently wrote about password policy considerations. I don’t know about you, but I can’t stand changing my passwords at work. I’ve already run through all of my usual strong passwords, and I can’t go back to them until I’ve created 10 more passwords that I’ll never remember. What’s worse is that every single system at my current employer has its own password and password policy.

I am a big proponent of single sign on technologies because of all of the pain and suffering I have endured while trying to come up with a new password for a bazillion applications every 60 to 90 days. To avoid causing pain and suffering for your users, the first thing you should think about doing is tying all of your network and web applications together under one user name and password. I know this takes a bit of work when building or configuring the applications, but it is worth it in the long run. Secondly, make it easy for the users to come up with new passwords. Having a password at least 7 characters long with at least 1 capitalized letter and 1 number is strong enough for most businesses. Most of the applications are buried behind corporate firewalls anyway.

One user name, one password, one simple policy – Three things that will make your users happier and your network safer.