The benefits of a password management policy

Image: designer491, Getty Images/iStockphoto

As a system administrator, I can attest that password resets are the most frustrating element of working in technology, both for myself and my users alike. We all have better things we could be doing and yet unfortunately the same “usual suspects” seem to pop up, which doesn’t work wonders for employee relations and morale.

It’s not just a pet peeve of mine; it’s a real problem with multiple negative implications.

SEE: Password management policy (TechRepublic Premium)

Gartner reported between 30% and 50% of all IT help desk calls are for password resets and determined the average cost in wasted labor for a password reset is $70. Oftentimes employees must wait to receive a password reset or jump through numerous hoops to do so and that impacts their productivity.

Worse, weak, stolen, or reused passwords pose a significant hazard to companies and cause approximately 80% of data breaches.

Having a password management policy is essential not only to secure your business and streamline operations, but to maintain the efficiency–and sanity of your employees.

A quality password management policy dictates what kind of passwords must be selected (e.g. complexity), where it should be used (avoid using the same password on multiple systems or applications), how it should be handled, and when it must be updated. It should also include measures employees and staff must take when passwords are compromised–or suspected as such.

In addition, it’s also essential to encourage employees to use secure password management programs such as KeePass, which safely stores all passwords which are protected via one master password.

SEE: Password management policy (TechRepublic Premium)

The short-term solution is to encourage employees to set reminders in Outlook or another calendaring system to change their passwords before they expire (and passwords should always expire and necessitate a change in order for continued usage of systems).

The long-term solution is to implement a password reset portal for self-service password operations. Adding the password reset feature to Remote Desktop Web Access is an option that paid major dividends for myself, my users, and my organization.

Whatever password management policy you decide to implement (or upgrade to), ensure that it is communicated to both existing and new users, monitored for compliance and feasibility, and updated accordingly to meet the changing needs of the business.

SEE: Password management policy (TechRepublic Premium)

TechRepublic Premium editorial calendar: IT policies, checklists, toolkits and research for download

TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.

Payroll

The best human resources payroll software of 2023

With a lot of choices in the market, we have highlighted the top six HR and payroll software options for 2023.

A computer running Windows 11. — Image: Microsoft.

Software

Windows 11 update brings Bing Chat into the taskbar

Microsoft's latest Windows 11 allows enterprises to control some of these new features, which also include Notepad, iPhone and Android news.

A software engineer works from home. — Image: tanatat/Adobe Stock

CXO

Tech jobs: No rush back to the office for software developers as salaries reach $180,000

Salaries for remote roles in software development were higher than location-bound jobs in 2022, Hired finds.

Project management process to manage and develop with resources to deliver quality product, agile development cycle, businessman project manager balance on clock juggling project management elements. — Image: Nuthawut/Adobe Stock

Software

The 10 best agile project management software for 2023

With so many agile project management software tools available, it can be overwhelming to find the best fit for you. We've compiled a list of 10 tools you can use to take advantage of agile within your organization.

A user typing a password. — Image: Song_about_summer/Adobe Stock

Security

1Password is looking to a password-free future. Here’s why

With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely.

PURPOSE This policy from TechRepublic Premium provides guidelines for reliable and secure backups of end user data. It outlines the responsibilities of IT departments and employees to identify tasks and action items for each group. The policy can be customized to fit the needs of your organization. From the policy: IT STAFF RESPONSIBILITIES IT staff ...

This policy from TechRepublic Premium provides guidelines for the appropriate use of electronic communications. It covers topics such as privacy, confidentiality and security; ensures electronic communications resources are used for appropriate purposes; informs employees regarding the applicability of laws and company policies to electronic communications; and prevents disruptions to and misuse of company electronic communications ...

PURPOSE Change is inevitable in any technological sector; it brings new features, functions and opportunities and helps businesses prosper through evolution. However, change can be detrimental to company operations if not executed properly through advanced notification of and approval by involved personnel. This change order form is designed to help you plan, implement and track ...

The benefits of a password management policy