Managers who want to stamp out weak passwords in their organizations should start with one simple step: tell users why weak passwords endanger their personal accounts and the organization’s resources.
It’s not always easy to get through to users, and convincing them to follow your advice can be tough. But at least you can show them the nuts-and-bolts of forming well built passwords by using a PowerPoint presentation that we’ve created. The presentation makes otherwise intimidating information a lot easier for users to understand.
What you’ll find
Our PowerPoint presentation will help you show users how important choosing the right passwords can be. It contains several slides that:
- Explain why users should use strong passwords.
- Display examples of weak and strong passwords.
- Offer suggestions on how to make weak passwords stronger.
- Illustrate the different elements of a strong password.
The document that accompanies the presentation offers suggestions for customizing the presentation by:
- Including examples of weak passwords once used in your organization.
- Showing users examples of strong passwords they can use.
- Sharing a technique that can help users create strong passwords they can remember.
Why educate users?
A recent TechRepublic survey showed that IT managers believe that a company’s own employees are the largest security threat in an organization.
|Current and former employees pose a large security threat.|
Users pose a threat primarily because they don’t practice solid security habits, such as using locked screen savers when they’re away from their desks or maintaining good password habits. These bad habits make your organization vulnerable to an attack at almost any entry point, including the organization’s VPN, e-mail server, and network connections.
“VPN passwords are (the) the keys to the kingdom,” said Marty Roesch, the president and founder of Sourcefire, Inc., a provider of network monitoring infrastructure solutions in Columbia, MD.
Of course, your network kingdom has plenty of gates, and the best defense is teaching users to create strong passwords for every technical contact they have with an organization. This presentation should help.