A Call to Arms: Password Management
The triumphs of your heroic deeds have spread far and wide, IT Hero! Your kingdom is a beacon of security that shines bright through the oppressive darkness that looms just beyond the warmth of your walls.
You, however, know the hard truth. You can still smell the putrid stench of rotting flesh, the hollow sounds of listless undead scratching and clawing. Their insatiable hunger is mindlessly driving them to find kinks in the armor, a crack in the wall, or an old long forgotten sewer pipe to crawl through and breach the kingdom walls.
Your end users are prospering in the safety of your environment that you have tirelessly sacrificed to craft. How quick the entitled forget the dark times, the time when they helpless cried out for a guardian to come to their aid and deliver them from the jaws of death. Try as you might, IT Hero, the shuffles and groans of the undead can never be forgotten, for you know very well this new found luxury can lead to complacency, which in turn will lead to laziness, and ultimately the downfall of what you have worked so hard to forge.
Putting these safeguards in place is only half the battle, oh mighty leader of IT. There is still a need for best practices, to hone your process and the skills of your end users. Now that you have the proper defenses in place, this will now enable you to focus on Password Management.
Without proper Password Management rules in place, all your efforts are for not. All the education in the world does not protect against weak or commonly used passwords. Even the mindless undead would be able to guess a feeble password like “Qwerty.”
As their guardian, you must set their expectations and enforce Password Complexity rules. Rules such as: minimum password length, the requirement of an uppercase and special character, preventing the use of dictionary words, and enforcing a minimum age (repeated passwords) not only will aid in your cause of security, but also, strengthen the core of the kingdom.
But that is only half of the coin, IT Hero. You will also be able to confidently instill Password expiration throughout your kingdom. You have empowered your end users to be self-reliant, and enforcing mandatory expiration of their passwords will no longer burden you as they have been trained to self-service their passwords.
Yes IT Hero, your due diligence and fortitude has created a Utopia of safety for your kingdom, but you know that you must forever be vigilant in your sworn duty to protect.