Safe Password Practices

BY JAMES F. LEON

Editor's note: This is a Web-exclusive exhibit for "Password Management Strategies for Safer Systems."

  Advise users to never put their password on a Post-it Note or in another unsafe location.

  Prohibit users from including a clear-text password in an e-mail message.

  Require users to consult a manager when an unfamiliar person asks for a password via e-mail or over the phone.

  Tell users to always say “No” when Windows or any other software offers to save their password.

  Require all employees to change their password at least every one to two months.

  Lock out of the system any user who has been unable to log on after three attempts.

  Store salt values and passwords in separate system tables.

Also read these other Web-exclusive exhibits:
Offense and Defense
Glossary of Key Terms

 

SPONSORED REPORT

Get the career toolkit

Download this sponsored report for four must-read articles showcasing tips and best practices for employers and employees.

DOWNLOAD

Filing season quick guide — Tax year 2014

Tax season started Jan. 20. Download our “quick guide,” a printable card that contains dollar thresholds, tax tables, standard amounts, credits, and deductions to keep at your fingertips during tax season.

TAX NEWS

Expired tax provisions extended for 2014

President Barack Obama signed legislation that retroactively extended more than 50 expired tax provisions for 2014, allowing taxpayers to take advantage of a host of tax incentives during this filing season.