Most employees hate changing their passwords. There are too many requirements, the passwords have to be changed too often, or there are too many systems – all of which require unique passwords – to remember them all. Workarounds can range from password-saving cookies to barely modified passwords. But whenever your co-workers follow the letter of the password law instead of the spirit, it just ends with little in the way of either security or goodwill.
How Can You Achieve Better Security through Password Compliance?
Most people know that passwords improve security, and they also know that more complex passwords are better. But they don’t know the specifics of why passwords are so important. Instead of trying to force company-wide behavioral changes through new rules and system set-ups, give people a reason. Even one example or horror story of a corporate data leak is enough, though a general overview of how passwords work is good, too. As a general rule, people are more likely to adopt any new policy if they are given a reason for it.
But even a reason might not be persuasive enough for full compliance. Instead, meet employees in the middle by offering more convenience through single sign-on. This addresses one of the three most common complaints about password resets (too many passwords to juggle), and it also removes people’s tendency to create almost identical passwords so they’re easier to remember.
Single sign-on has all of the security of multiple logins, especially if you link your SaaS applications and databases through the intranet that you control. It might even offer more if you link the time-out rules. You can also use the intranet to keep data that flows between programs entirely contained in your system, without downloads or copied files.
The more you can positively encourage good security practices, the more likely people are to adopt them.
Learn more about single sign-on at the 2018 Fall Conference & Expo. Check out this session from Thom Haze.