Password security best practices – Infographic
Updated: October 3, 2016 – With data breaches and security flaws a regular occurrence in our digital lives, we have taken a natural interest in protecting our personal and financial information. A secure password is the first line of defense. To help our customers make better password choices, we recently published the infographic below, which outlines current password security best practices. The tips were generated following several discussions with our Product Specialist team. Our experts work closely with our password management clients and advise on best practices for remaining compliant and protecting information against the latest threats. Their close interactions with clients also shape the future of our password products – a recent example being new capabilities in Specops Password Policy which allow administrators to block common passwords and password hashes from leaked lists.
While the recommendations in our infographic are closely aligned with industry best practices, there can be conflicting opinions. For example, while compliance requirements, such as PCI, recommend a 90-day password expiration period, some experts now recommend never changing your password. According to these experts, the more users are forced to change their passwords, the more similar their passwords will be, posing a greater security risk. Additionally, they argue that new passwords are more easily forgotten, which carries productivity costs when users are locked out – a problem that we believe can be avoided with a password reset solution.
There’s no shortage of resources that can help you tighten password security. Infographics are user-friendly, and a good place to start. But to take password security seriously, you should ensure that the best practices you follow are aligned with regulatory compliance requirements such as PCI, HIPAA and SOX. Finally, as new threats emerge, your password policy will require adjustments. Be prepared to embrace change! We will update our infographics as more data becomes available to ensure that we are sharing the latest best practices. Check back often so you don’t miss out!
(Last updated on March 17, 2025)