{"id":41544,"date":"2020-09-08T15:21:57","date_gmt":"2020-09-08T14:21:57","guid":{"rendered":"https:\/\/www.n-able.com\/?p=41544"},"modified":"2023-03-22T09:37:05","modified_gmt":"2023-03-22T09:37:05","slug":"why-password-expiration-policies-matter","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter","title":{"rendered":"Why Password Expiration Policies Matter in Your Managed IT Business"},"content":{"rendered":"<p class=\"p5\"><span class=\"s1\">To operate with confidence in today\u2019s marketplace, organizations need a strong digital presence backed up by effectively deployed and strategically protected IT assets. As a managed services provider (MSP) tasked with protecting critical workflows and ensuring their customers\u2019 business continuity, it\u2019s crucial for your team to stay up-to-date with the latest strategies in cybersecurity.<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">Businesses turn to MSPs to handle the\u00a0<a href=\"https:\/\/www.n-able.com\/blog\/security-your-problem-and-your-opportunity\" target=\"_blank\" rel=\"noopener\"><span class=\"s3\">complex but essential\u00a0<\/span><\/a>work of keeping their operations protected from cybercriminals. When working with customers to develop their cybersecurity defenses, a considerable array of tactics should be integrated into any effective IT protection plan. By doing so, MSPs can anticipate potential vectors of attack and be prepared for cybercriminals before they strike. These tactics might include concepts and technologies like least privilege, multi-factor authentication (MFA), and password expiration.<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. As far back as 2019, the\u00a0<a href=\"https:\/\/docs.microsoft.com\/en-us\/archive\/blogs\/secguide\/security-baseline-final-for-windows-10-v1903-and-windows-server-v1903\" target=\"_blank\" rel=\"noopener\"><span class=\"s3\">Microsoft security team<\/span><\/a>\u00a0made headlines by dropping its password expiration policies, explaining they believed that forcing users to change credentials too often would cause them to use simple, predictable passwords. Rather than making organizations safer, Microsoft argued that password expiration policies could become a driver of bad password habits. This recommendation applies to individuals and regular user accounts. Humans tend to choose inherently simple and predictable passwords. The more frequently they have to change them, the easier they are to guess, brute force, or hack because they just add a one, two, or three sequential type password.<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">On the contrary, however, password expiration policies can be an effective component of an organization\u2019s broader cybersecurity posture when paired with a sophisticated corporate <a href=\"https:\/\/www.n-able.com\/blog\/why-every-msp-needs-password-manager\" target=\"_blank\" rel=\"noopener\"><span class=\"s4\">password manager<\/span><\/a>. When it comes to privileged accounts, the recommendation remains to be changing them frequently to avoid compromise, and in the cases where these are shared privileged accounts (numerous IT people having access to and using them) it becomes even more critical so that as people come and go (or should no longer know or have access to the password) regular password changes mitigate that risk. Such policies can\u2014and should\u2014be part of larger efforts within your MSP business and within your customers\u2019 organizations as long as they\u2019re deployed with the help of a strong password management system. When utilized effectively, password expiration policies can increase cybersecurity and help educate users on the importance of strong, complex passwords.<\/span><\/p>\n<h2 class=\"p6\"><span class=\"s1\">What is a password expiration policy?<\/span><\/h2>\n<p class=\"p5\"><span class=\"s1\">As the name implies, password expiration policies regulate how frequently users must replace old passwords with new ones. Stakeholders use password management tools to set timeframes for password expiration, monitor the ages of passwords across organizational accounts, and streamline the process of alerting users when password expiration deadlines are approaching.\u00a0\u00a0<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">Password expiration policies will differ depending on organizational needs, the kinds of information MSP customers deal with, and the various tools they access on a regular basis. For example, mission-critical information should be protected by the most stringent password expiration policies, requiring users to update their credentials frequently to help reduce the risk of a potential data breach.<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">While these policies can vary depending on a users\u2019 role within an organization and which tools and accounts they try to access, password expiration can also be contingent on the relative strength of each individual password. As\u00a0<a href=\"https:\/\/www.betterbuys.com\/estimating-password-cracking-times\/\" target=\"_blank\" rel=\"noopener\"><span class=\"s3\">research has shown<\/span><\/a>, nine-character passwords take roughly five days to break, 10-character passwords take four months, 11-character passwords take 10 years, and 12-character passwords take two centuries.<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">To factor this into account, admins can use password management tools to set expiration policies that reward stronger, more complex passwords. The longer and more complicated a given password is, the longer the amount of time until organizational users will be prompted to reset their credentials. With this kind of strategy in place (and the right tool to enforce it), password expiration policies can contribute to an organization\u2019s broader cybersecurity goals.<\/span><\/p>\n<h2 class=\"p6\"><span class=\"s1\">Why should you set a password expiration policy?<\/span><\/h2>\n<p class=\"p5\"><span class=\"s1\">Password expiration policies can be a value-add to your customers\u2019 overall IT safety posture, from serving as one of many technical safeguards to helping users understand the importance of password due diligence.<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">Originally, cybersecurity experts enacted password expiration policies for a simple reason. Traditionally, it was difficult to know if accounts had been compromised and resetting passwords on a regular basis meant you might be able to limit the amount of damage a cybercriminal could do if you revoked access through credential updates. However, IT technology has advanced considerably since the advent of password expiration policies, making it easier to monitor account security\u2014but also meaning that bad actors can wreak untold damage in a matter of seconds rather than days or weeks.<\/span><\/p>\n<p class=\"p5\"><span class=\"s1\">In this new IT landscape, password expiration policies are far from obsolete. Paired with an effective password management tool that helps users\u00a0<\/span><span class=\"s5\">generate strong, complex passwords<\/span><span class=\"s1\">,\u00a0expiration policies can be just one more responsible step in their broader cybersecurity initiatives. These policies can help users stay cognizant of the overall importance of credential security, act as a starting point for larger conversations about preventing data breaches, and potentially mitigate the damage caused by an attack.\u00a0<\/span><\/p>\n<h2 class=\"p6\"><span class=\"s1\">How do you create a password expiration policy?<\/span><\/h2>\n<p class=\"p5\"><span class=\"s1\">To create a password expiration policy, MSPs should\u00a0<a href=\"https:\/\/www.n-able.com\/blog\/importance-communications-skills-security\" target=\"_blank\" rel=\"noopener\"><span class=\"s3\">work with their customers<\/span><\/a>\u00a0to evaluate their overall cybersecurity needs. By understanding the specific requirements of each customer\u2014industry regulations, current IT infrastructure, and more\u2014MSPs can craft password expiration policies suited to their needs. The time between password updates, the relative strength of credentials across accounts, and the way passwords are generated will all hinge on organizational needs\u2014and the tools you use to support your customers and get the job done right. Password change automation is also a best practice for MSPs managing passwords for multiple customer environments across a team of technicians.<\/span><\/p>\n<p class=\"p5\"><strong><span class=\"s1\">When it comes to managing password security, you should invest in a sophisticated password management system. With\u00a0<a href=\"https:\/\/www.n-able.com\/products\/passportal\" target=\"_blank\" rel=\"noopener\"><span class=\"s3\">N&#8209;able<\/span><span class=\"s6\"><sup>\u00ae<\/sup><\/span><span class=\"s3\">\u00a0Passportal<\/span><\/a>, you can leverage cutting-edge password management capabilities for the benefit of your business and your customers. Passportal is a centralized, cloud-based platform where MSPs and their partners can store, search, change, and manage credentials. When someone leaves your company, or if you just want to rotate passwords regularly, Passportal agents will automatically change passwords across your entire client base and update any Windows services or scheduled tasks to use the new passwords within seconds. With a tool like Passportal, you can rest assured your password expiration policies are adding value to customers\u2019 cybersecurity posture.<\/span><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. Here&rsquo;s why they matter top MSPs.<\/p>\n","protected":false},"author":24,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-41544","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Why Password Expiration Policies Matter in Your Managed IT Business - N-able<\/title>\n<meta name=\"description\" content=\"Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. Here&#039;s why they matter top MSPs.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why Password Expiration Policies Matter in Your Managed IT Business - N-able\" \/>\n<meta property=\"og:description\" content=\"Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. Here&#039;s why they matter top MSPs.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-08T14:21:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-22T09:37:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2020\/09\/Blog-6.png\" \/>\n\t<meta property=\"og:image:width\" content=\"611\" \/>\n\t<meta property=\"og:image:height\" content=\"302\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"N-able\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2020\/09\/Blog-6.png\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"N-able\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter\"},\"author\":{\"name\":\"N-able\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\"},\"headline\":\"Why Password Expiration Policies Matter in Your Managed IT Business\",\"datePublished\":\"2020-09-08T15:21:57+01:00\",\"dateModified\":\"2023-03-22T09:37:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter\"},\"wordCount\":1082,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter\",\"url\":\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter\",\"name\":\"Why Password Expiration Policies Matter in Your Managed IT Business - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr#website\"},\"datePublished\":\"2020-09-08T15:21:57+01:00\",\"dateModified\":\"2023-03-22T09:37:05+00:00\",\"description\":\"Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. Here's why they matter top MSPs.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/fr\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why Password Expiration Policies Matter in Your Managed IT Business\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/fr#website\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/fr?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/fr#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\",\"name\":\"N-able\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"caption\":\"N-able\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Why Password Expiration Policies Matter in Your Managed IT Business - N-able","description":"Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. Here's why they matter top MSPs.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter","og_locale":"fr_FR","og_type":"article","og_title":"Why Password Expiration Policies Matter in Your Managed IT Business - N-able","og_description":"Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. Here's why they matter top MSPs.","og_url":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-09-08T14:21:57+00:00","article_modified_time":"2023-03-22T09:37:05+00:00","og_image":[{"width":611,"height":302,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2020\/09\/Blog-6.png","type":"image\/png"}],"author":"N-able","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.n-able.com\/wp-content\/uploads\/2020\/09\/Blog-6.png","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"\u00c9crit par":"N-able","Dur\u00e9e de lecture estim\u00e9e":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter"},"author":{"name":"N-able","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b"},"headline":"Why Password Expiration Policies Matter in Your Managed IT Business","datePublished":"2020-09-08T15:21:57+01:00","dateModified":"2023-03-22T09:37:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter"},"wordCount":1082,"publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"articleSection":["Security"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter","url":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter","name":"Why Password Expiration Policies Matter in Your Managed IT Business - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr#website"},"datePublished":"2020-09-08T15:21:57+01:00","dateModified":"2023-03-22T09:37:05+00:00","description":"Password expiration policies have been the topic of ongoing discussions within the cybersecurity field. Here's why they matter top MSPs.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/fr\/blog\/why-password-expiration-policies-matter#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/fr\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"Why Password Expiration Policies Matter in Your Managed IT Business"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/fr#website","url":"https:\/\/www.n-able.com\/fr","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/fr?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/fr#organization","name":"N-able","url":"https:\/\/www.n-able.com\/fr","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b","name":"N-able","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","caption":"N-able"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/41544","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/comments?post=41544"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/41544\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/media?parent=41544"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}