Password Rotation: Why and How to Implement

Written by Rajat Bhargava on June 19, 2015


Regularly replacing current passwords with new ones is an effective way to improve security. That’s why organizations require their staff to change passwords on a recurring schedule (e.g. every two weeks).

The main idea behind password rotation can be summarized as “a rolling stone gathers no moss.” If a password has been compromised, the scheduled change replaces it and the old password no longer grants access.

The Hidden Benefit of Password Rotation


All too often, users are leveraging the same password in both their personal and professional lives. When given the choice, most people would rather have their logins be as simple as possible. They’ve already memorized their “secure” work password, so why not use it on all their personal Facebook, LinkedIn, and bank account logins?

The issue with this attitude is that if a site or application used for personal purposes is compromised, the business is put at significant risk. The number of sites people use personally and the number of those sites being hacked are both rising. As that escalates, so too does the risk of a password stolen from one organization being reused to compromise another.

Even the ostensibly secure sites of major businesses are being breached and their credentials being used elsewhere. Target’s major breach serves as a cautionary tale.

So this is the hidden benefit of password rotation: forcing rotation in your organization prevents users from keeping the same password across their personal and professional lives.

No longer does Fred’s Facebook password also get you access to critical IT resources. IT admins can breathe a sigh of relief.

The Value of Unique Passwords

By forcing password rotation, users have less opportunity to reuse their passwords. If you add the requirement that the previous 5 or 7 passwords cannot be reused, you further decrease the chances that a breach on an unrelated site will impact your organization.

IT admins have long espoused using unique passwords for each application or service. By implementing a password rotation tool, IT admins can actually enforce this behavior, instead of just lobbying for it at staff meetings.
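An added illustration (not JumpCloud's code or the Directory-as-a-Service implementation) of how a password-history and expiration rule like the one above can be enforced. The history keeps only salted PBKDF2 hashes, never the passwords themselves, so a leaked history does not hand out old credentials; the depth of 5 and the 14-day interval are assumed from the page's own examples.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone

HISTORY_DEPTH = 5              # assumed: page suggests "the previous 5 or 7"
MAX_AGE = timedelta(days=14)   # assumed: page example of "every two weeks"


def _hash(password: str, salt: bytes) -> bytes:
    # Salted, iterated hash so the stored history cannot be reversed cheaply.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class PasswordPolicy:
    def __init__(self, history_depth=HISTORY_DEPTH, max_age=MAX_AGE):
        self.history_depth = history_depth
        self.max_age = max_age
        self.history = []          # list of (salt, hash), newest last; never plaintext
        self.last_changed = None   # timestamp of the most recent successful change

    def _in_history(self, candidate: str) -> bool:
        # Only the last N entries count; each entry has its own salt, so re-hash per entry.
        recent = self.history[-self.history_depth:] if self.history_depth else []
        return any(hmac.compare_digest(_hash(candidate, s), h) for s, h in recent)

    def set_password(self, candidate: str, now=None):
        """Return (accepted, reason). Rejects reuse of any of the last N passwords."""
        now = now or datetime.now(timezone.utc)
        if self._in_history(candidate):
            return False, f"matches one of the last {self.history_depth} passwords"
        salt = os.urandom(16)
        self.history.append((salt, _hash(candidate, salt)))
        self.last_changed = now
        return True, "ok"

    def is_expired(self, now=None) -> bool:
        """True when the password is older than max_age (or was never set)."""
        now = now or datetime.now(timezone.utc)
        return self.last_changed is None or now - self.last_changed >= self.max_age


def run_demo():
    # Constructed scenario: rotate on day 0, check status on day 13 and day 14.
    t0 = datetime(2015, 6, 19, tzinfo=timezone.utc)
    p = PasswordPolicy()
    never_set = p.is_expired(now=t0)
    p.set_password("Constructed-Example-1!", now=t0)
    return (never_set,
            p.is_expired(now=t0 + timedelta(days=13)),
            p.is_expired(now=t0 + timedelta(days=14)))
```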

Directory-as-a-Service® empowers admins with all the password management capabilities they could ever want and then some. Administrators can enable custom settings like password complexity, special characters, case sensitivity, password history, lockout, and expiration to name a few. It’s just another way that JumpCloud works to make your job easier.

Sign-up today to see how Directory-as-a-Service can help secure your infrastructure.

Rajat Bhargava

Rajat Bhargava is an entrepreneur, investor, author, and CEO and co-founder of JumpCloud. An MIT graduate with over two decades of high-tech experience, Rajat is a ten-time entrepreneur with six exits including two IPOs and four trade sales.
