So last year, Matt Buchanan at Gizmodo decided that on February 1st would be a day everyone should take the opportunity to change their passwords so some resemblance of security is maintained at least once a year.
It’s a great idea. I think of the non-techie types in my life and realize the last time they changed their password was the time they forgot it and reset by calling, say, their Internet provider.
So for the common individual – be safe and change your password! But what should organizations do about Passwords? IT Pros already have implemented password expiration settings, which have been part of Active Directory and other directory services for years.
So is there anything left for IT to do on National Change Your Password Day?
The answer is a resounding YES. There are a few “Changes” of your own you can make.
Change your Notifications
Organizations today have a mix of local and remote users running Windows, Mac and Unix-based OSes with some users only utilizing web-based access to corporate email. If that’s your company, you need to have a consistent way of letting users know their password is about to expire.
The simple answer is to utilize the one service everyone utilizes: email. By sending a reminder email about an upcoming password expiration, organizations can not only ensure users take action, but also lower support costs from those calls to the helpdesk once passwords expire.
We have both a freeware and paid solution to this problem with Password Expiration Alerting. There are obvious differences in features between the solutions, but you will find both to provide value in addressing the need for password notifications.
Change your Change Method
We’re expecting user to know how to reset their password. But more often than not, it’s just not as simple as we think. Add to the mix a situation where a user doesn’t remember what their password was, and you have yourself a helpdesk call that raises the cost of IT.
Having a password management solution in place that allows the user to both identify themselves with a series of questions, and the ability to reset their password from a web browser (so they can be on any OS, local or remote, etc.) is the answer.
We recently made our password management solution, Password Manager, free to organizations with up to 100 users. So if you have less than 100 users, you can utilize Password Manager with no limitations whatsoever free of charge! If you have more than 100 users, Password Manager is available as a paid solution and can be downloaded for evaluation.
Change How You Manage Passwords Day
So in the spirit of maintaining security on National “Change Your Password Day”, I’d like to propose that you take a look at the free and paid solutions Netwrix has to offer to not just make your organization more secure, but also simplify the process of doing so.
Happy Change Your Password Day!