Password security best practices – Infographic

Updated: October 3, 2016 – With data breaches and security flaws a regular occurrence in our digital lives, we have taken a natural interest in protecting our personal and financial information. A secure password, is the first line of defense. To help our customers make better password choices, we recently published the below infographic, which outlines current password security best practices. The tips were generated following several discussions with our Product Specialist team. Our experts work closely with our password management clients and advise on best practices for remaining compliant and protecting information against the latest threats. Their close interactions with clients also shape the future of our password products – a recent example being new capabilities in Specops Password Policy which allows administrators to block common passwords and password hashes from leaked lists.


While the recommendations in our infographic are closely aligned with industry best practices, there can be conflicting opinions. For example, while compliance requirements, such as PCI, recommend a 90-day password expiration period, some experts now recommend never changing your password. According to these experts, the more users are forced to change their passwords, the more similar their passwords will be, posing a greater security risk. Additionally, they argue that new passwords are more easily forgotten, which carries productivity costs when users are locked out – a problem that we believe can be avoided with a password reset solution.

There’s no shortage of resources that can help you tighten password security. Infographics are user friendly, and a good place to start. But to take password security seriously, you should ensure that the best practices you follow are aligned with regulatory compliance requirements such PCI, HIPAA and SOX. Finally, as new threats emerge your password policy will require adjustments. Be prepared to embrace change! We will update our infographics as more data becomes available to ensure that we are sharing the latest best practices. Check back often so you don’t miss out!

(Last updated on October 30, 2023)

Back to Blog