Safe Password Practices


Editor's note: This is a Web-exclusive exhibit for "Password Management Strategies for Safer Systems."

  Advise users to never put their password on a Post-it Note or in another unsafe location.

  Prohibit users from including a clear-text password in an e-mail message.

  Require users to consult a manager when an unfamiliar person asks for a password via e-mail or over the phone.

  Tell users to always say “No” when Windows or any other software offers to save their password.

  Require all employees to change their password at least every one to two months.

  Lock out of the system any user who has been unable to log on after three attempts.

  Store salt values and passwords in separate system tables.

Also read these other Web-exclusive exhibits:
Offense and Defense
Glossary of Key Terms



Year-end tax planning strategies

Practitioners should consider the timing of income and deductions, avoiding the net investment income tax, donating to charity, and planning for retirement.


Effortless payroll service offerings

In this special focus report, experts explain how payroll providers can help CPAs help their clients. Sponsored by Paychex, Intuit, SurePayroll, ADP, BenefitMall and AccountantsWorld.


Return due dates changed in highway funding bill

The federal highway funding extension bill signed into law on July 31 contains several tax provisions, including changing the due dates for partnership, S corporation, and corporate tax returns.