6 best practices for an effective password policy
Through the end of 2020, enterprises that invest in new authentication methods and compensating controls will experience 50% fewer identity-related security breaches than peers that do not.
Key Challenges that Identity and Access Management Leaders face:
- Though widely used, passwords are fundamentally flawed and no longer an appropriate authentication method for any use case except those with minimal risk.
- Policy alone cannot mitigate all attacks against passwords. Most risks are more effectively mitigated by technical controls or more robust authentication methods.
- Many common regulatory and audit requirements have little value in practice and place a burden on everyone. Nevertheless, enterprises must abide by such requirements.
- Devising a policy that satisfies all compliance issues can be taxing but is a necessary evil.
- Finessing a policy once this has been done only provides marginal returns.