By Natalie Bluhm Posted July 5, 2018
One of the biggest concerns for IT admins is managing end user passwords. With so many services that users are leveraging across their personal and professional lives, it is easy to be concerned that users are taking short cuts. The good news is that there are some simple password management techniques that IT admins can practice with their end users.
Before we dive into some of these techniques, we should highlight some of the problems around passwords. Because of the risk associated with passwords, many think that we should do away with passwords altogether. Well, the reality is that we will be using passwords for at least a little while longer. So, in light of that, let’s understand what the issues are and how to solve them.
Challenges with Passwords
Passwords have historically been hard for people to remember, and who can blame them considering the average user has 191 passwords to keep track of. The result is that end users will choose passwords that are easy to remember, like “123456,” or even leverage the same complex password across all of their services. In fact, 54% of people use 5 or fewer passwords across their entire online life. With statistics like these, it’s not surprising that 81% of data breaches result from a weak or stolen password. Luckily, there are a few methods IT admins can take to prevent users from taking part in these bad habits.
Remedies for Securing Passwords
First, encourage your end users to use long passwords. Ideally, it should be a sentence with punctuation (where possible) versus just a word. The second suggestion is to implement multi-factor authentication (MFA or 2FA) wherever possible, but definitely on email accounts (e.g. G Suite™ or Office 365™). Preferably, you would have MFA attached to every account possible since 80% of data breaches in the past could have been prevented if MFA were enabled.
Of course, we realize that it is hard to change your end users’ habits, so you can’t just rely on them to implement these practices. A step in the right direction could be to leverage a modern cloud directory service that will enforce a number of these important techniques. For instance, password complexity management, SSH keys, and MFA are all core features of one core identity provider in particular, called JumpCloud® Directory-as-a-Service®.
Simple Password Management with JumpCloud
By using our cloud-based directory service, IT admins can ensure that their users are leveraging strong passwords, SSH keys to access AWS® cloud servers, for example, and then MFA on their systems and applications. Because JumpCloud integrates with virtually all of your systems, apps, file storage, and networks, you’ll be able to fortify your entire IT environment with a single solution.
How to Find Out More
Learn more about simple password management by signing up for a free account. You’ll be able to see for yourself how easy password management can really be. Of course, if you have any questions at all about JumpCloud Directory-as-a-Service, drop us a note. We’ll be happy to get you the answers you need.