- Enforce strong passwords but make it easier for people to create them. You can provide guidance about better ways to create strong but memorable passwords or suggest the use of passphrases rather than passwords. You could also publish links to password strength testers like Microsoft's so people aren’t surprised at the moment of truth when asked to input their new strong password.
- For higher-security situations, such as systems administrators who may be able to access critical corporate systems, go with two-factor authentication; it’s the current gold standard.
- Finally, recognize that authentication will never be perfect, so implement least privilege at all levels to limit exposure. Not every user needs to be an admin on their desktop, and not every system admin needs to access all systems with all commands.
Scott Lang, Sr. Director, Product Marketing at BeyondTrust
Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.