{"id":6604,"date":"2020-11-24T15:49:19","date_gmt":"2020-11-24T15:49:19","guid":{"rendered":"https:\/\/www.n-able.com\/?p=6604"},"modified":"2021-05-06T13:59:53","modified_gmt":"2021-05-06T12:59:53","slug":"5-tips-rock-solid-password-security","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security","title":{"rendered":"5 Tips for Rock-Solid Password Security"},"content":{"rendered":"<p>There\u2019s a lot of flash around some topics in security. Whether it\u2019s the ever-present, evolving threat of ransomware or a new threat du jour, it\u2019s definitely important to stay on top of these developments. But it\u2019s also easy to get distracted from the fact that a good portion of cyberattacks often come from small holes in a security posture.<\/p>\n<p>One of the biggest threats we face as an industry, particularly during an era of remote working, is the use of weak or reused passwords. Today, we\u2019ll talk about some developments around passwords and remind you of strong practices to keep your passwords safe.<\/p>\n<h2 class=\"h3\">The latest on passwords<\/h2>\n<p>Passwords really weren\u2019t created to do the type of heavy lifting we require of them now. When username\/password combinations were first developed, a user only needed a few passwords to get by. They could connect to their computer or a mainframe without much trouble. Currently, however, people have a multitude of services requiring\u00a0<a class=\"ext\" href=\"https:\/\/www.passportalmsp.com\/use-cases\/privileged-access-management?promo=blog\" target=\"_blank\" rel=\"noopener noreferrer\">authentication credentials<\/a>, making it hard to keep track of all the passwords.<\/p>\n<p>This puts a very heavy burden on users to come up with strong passwords for each account and, more importantly, remember them. This leads people to reuse passwords across accounts. While this may seem obvious, the extent of the practice can put a finer point on it\u2014<a class=\"ext\" href=\"https:\/\/spycloud.com\/spycloud-research-breach-exposure-of-the-fortune-1000\/\" target=\"_blank\" rel=\"noopener noreferrer\">SpyCloud found roughly 76% of Fortune 1000<\/a>\u00a0employees used the same password from their corporate email on other accounts. This stat isn\u2019t meant to pick on those companies\u2014rather, the point shows that even large companies that can afford strong security postures still have widespread password problems. That means anyone can, including your customers or even your own employees.<\/p>\n<p>But how prevalent are these attacks? The\u00a0<a class=\"ext\" href=\"https:\/\/enterprise.verizon.com\/resources\/reports\/dbir\/\" target=\"_blank\" rel=\"noopener noreferrer\">2020 Verizon Data Breach Investigation Report<\/a>\u00a0stated that of hacking-related breaches, more than 80% involved either brute-force password attacks or stolen user credentials. Of course, there are other kinds of attacks\u2014from malware to social engineering\u2014but this demonstrates that passwords play a central role in anyone\u2019s security posture.<\/p>\n<h2 class=\"h3\">The rules of the road<\/h2>\n<p>So, we know how important password security is for an organization\u2019s security posture. What do you do about it?<\/p>\n<h3 class=\"h4\">1. BE THE BROKEN RECORD<\/h3>\n<p>User awareness training plays a role in keeping users from using weak passwords. Yet, when it comes to both information retention and behavioral change, one-off yearly security trainings won\u2019t do the trick. Make sure to hold trainings on a fairly regular basis, and send out refreshers and reminders via email. (<em>Hint: This can also be an excellent way of keeping your brand fresh in your customers\u2019 minds<\/em>). Don\u2019t be afraid to repeat yourself\u2014repetition is important to truly get people in the habit of using strong passwords.<\/p>\n<h3 class=\"h4\">2. SET GROUND RULES FOR PASSWORD STRENGTH<\/h3>\n<p>You probably already know the importance of these factors, but you\u2019ll need to keep reiterating these to your customers (and your own employees). First, make sure passwords are of sufficient length (longer is generally better), and use a mixture of uppercase letters, lowercase letters, symbols, and numbers. Also, avoid using numbers at the end of a password\u2014this is a fairly common pattern, and criminals pick up on it. Numbers and symbols should go earlier in the password, if possible. Also, it\u2019s worth suggesting people use a passphrase they can remember rather than a single password. This can help users meet length requirements to make the passwords hard to guess, while still making them easy to remember.<\/p>\n<h3 class=\"h4\">3. SET PASSWORD REFRESH POLICIES<\/h3>\n<p>Additionally, try to implement a rule requiring users to change their passwords on a regular basis. This allows you to update your password rules and make sure users follow the latest guidelines, but also limits the damage if criminals steal some passwords. Also, remind customers not to reuse passwords across important accounts\u2014if their credentials end up in a data breach, this could compromise other important systems.<\/p>\n<h3 class=\"h4\">4. CHANGE DEFAULT PASSWORDS<\/h3>\n<p>Another important thing to remember\u2014change default passwords on important services. This applies to every service, but it\u2019s especially important on tools built to facilitate remote working, like remote support tools or VPNs. It\u2019s not uncommon for people to use a default password when setting things up, then forget to change the password later. Also, remind your customers to do the same when working on home networks. They should reset default passwords on home devices, especially their Wi-Fi, and make sure they\u2019ve done so on administrator pages for any smart device.<\/p>\n<h3 class=\"h4\">5. AUTOMATE AS MUCH AS POSSIBLE<\/h3>\n<p>The biggest challenge with passwords is that they\u2019re simply a pain in the neck to manage. Many people will naturally choose convenience over security, so it\u2019s important to try to make life easier on them. That\u2019s why it\u2019s so important to use a good\u00a0<a class=\"ext\" href=\"https:\/\/www.passportalmsp.com\/use-cases\/cloud-based-password-manager?promo=blog\" target=\"_blank\" rel=\"noopener noreferrer\">password management solution<\/a>. Users can sign in once with their master password, then sign into their myriad accounts with an automatically generated password in a single click. No need for endless creativity to come up with new passwords, and no need for a photographic memory to remember them. Plus, with a password management tool like SolarWinds<sup>\u00ae<\/sup>\u00a0Passportal, you can set password requirements for end users, automate password refreshes as needed, and grant or revoke access to accounts as needed.<\/p>\n<h2 class=\"h3\">An easy fix for a hard problem<\/h2>\n<p>The username\/password authentication model wasn\u2019t really developed to handle the modern IT environment. With an explosion of cloud services, users can quickly get overwhelmed and opt for shortcuts around password security. If you follow these tips, you should be able to help keep your security posture strong.<\/p>\n<p><strong>A stolen password for a customer\u2019s employee can become a major problem; a stolen password for a member of your own MSP team is pretty much guaranteed to be one. If criminals gain access to even one team member\u2019s passwords, they can potentially compromise multiple customers and put your business in serious jeopardy. SolarWinds Passportal, a password management solution designed for MSPs, can help. It allows your team to automatically generate passwords and allows you to easily grant and revoke access as needed. Plus, you can offer password-management-as-a-service to your customers via Passportal Site, allowing you to prevent password breaches for them while also earning additional monthly recurring revenue without adding a new labor-intensive service. Learn more today about both solutions by visiting\u00a0<a class=\"ext\" href=\"https:\/\/www.passportalmsp.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">passportalmsp.com<\/a>.\u00a0<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There\u2019s a lot of flash around some topics in security. Whether it\u2019s the ever-present, evolving threat of ransomware or a new threat du jour, it\u2019s definitely important to stay on&#8230;<\/p>\n","protected":false},"author":24,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-6604","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>5 Tips for Rock-Solid Password Security - N-able<\/title>\n<meta name=\"description\" content=\"One of the biggest threats we face as an industry, particularly during an era of remote working, is the use of weak or reused passwords. Check our tips.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"5 Tips for Rock-Solid Password Security - N-able\" \/>\n<meta property=\"og:description\" content=\"One of the biggest threats we face as an industry, particularly during an era of remote working, is the use of weak or reused passwords. Check our tips.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-24T15:49:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-06T12:59:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"N-able\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"N-able\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"5\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security\"},\"author\":{\"name\":\"N-able\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\"},\"headline\":\"5 Tips for Rock-Solid Password Security\",\"datePublished\":\"2020-11-24T15:49:19+00:00\",\"dateModified\":\"2021-05-06T12:59:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security\"},\"wordCount\":1070,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security\",\"name\":\"5 Tips for Rock-Solid Password Security - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"datePublished\":\"2020-11-24T15:49:19+00:00\",\"dateModified\":\"2021-05-06T12:59:53+00:00\",\"description\":\"One of the biggest threats we face as an industry, particularly during an era of remote working, is the use of weak or reused passwords. Check our tips.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"5 Tips for Rock-Solid Password Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\",\"name\":\"N-able\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"caption\":\"N-able\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"5 Tips for Rock-Solid Password Security - N-able","description":"One of the biggest threats we face as an industry, particularly during an era of remote working, is the use of weak or reused passwords. Check our tips.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security","og_locale":"de_DE","og_type":"article","og_title":"5 Tips for Rock-Solid Password Security - N-able","og_description":"One of the biggest threats we face as an industry, particularly during an era of remote working, is the use of weak or reused passwords. Check our tips.","og_url":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-11-24T15:49:19+00:00","article_modified_time":"2021-05-06T12:59:53+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"N-able","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"N-able","Gesch\u00e4tzte Lesezeit":"5\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security"},"author":{"name":"N-able","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b"},"headline":"5 Tips for Rock-Solid Password Security","datePublished":"2020-11-24T15:49:19+00:00","dateModified":"2021-05-06T12:59:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security"},"wordCount":1070,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"articleSection":["Security"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security","url":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security","name":"5 Tips for Rock-Solid Password Security - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"datePublished":"2020-11-24T15:49:19+00:00","dateModified":"2021-05-06T12:59:53+00:00","description":"One of the biggest threats we face as an industry, particularly during an era of remote working, is the use of weak or reused passwords. Check our tips.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/5-tips-rock-solid-password-security#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/de\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"5 Tips for Rock-Solid Password Security"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b","name":"N-able","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","caption":"N-able"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/6604","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=6604"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/6604\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=6604"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}