Best practices with Password policies


Even a well-configured, secure system (such as Mithi Connect Xf), with a built-in security framework that protects your valuable data and services from unauthorized and unauthenticated access, can be compromised by weak and aging passwords.

Often, the weakest link in the security chain is the password. Commonly reported security breaches, such as servers being hacked, unauthorized access to a user mailbox, or unauthorized use of services, are typically caused by weak and aging passwords. The passwords that pose the biggest risk are those that:

  • Are made up of common words.
  • Are short in length.
  • Do not contain a sufficient mix of numerals.
  • Do not change often enough.

To minimize this risk, we need to ensure that the passwords of the Linux administrator and of users are complex and are set to expire after a predetermined period of time.

Mithi Connect Xf version 2.5 has the following features to enable tighter security for administrators and end users:

  • Complex Password: Defines the rules for a complex password, so that users must enter passwords that match those rules.
  • Password Expiry: Sets a password age, after which users must change their password in order to continue accessing the services.
  • Password History: Keeps a history of the passwords each user has set and requires any new password to differ from the passwords stored in that history.

It is recommended that you enable these features for Mithi Connect Xf and at the Linux system level (to protect the root and other system user passwords).
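
One way to check the Linux side of this recommendation, added here as an example and not taken from Mithi's documentation: it reads the text of /etc/login.defs, /etc/security/pwquality.conf and a PAM password stack and reports which of the three controls (expiry, complexity, history) is missing or weak. The sample file contents and the thresholds (90 days, 12 characters, 5 remembered passwords) are assumptions, not values from this page.

```python
import re

# Constructed sample files, not taken from the page.
LOGIN_DEFS = "PASS_MAX_DAYS   99999\nPASS_MIN_DAYS   0\n"
PWQUALITY = "minlen = 8\n# dcredit = -1\n"
PAM_PASSWORD = (
    "password requisite  pam_pwquality.so retry=3\n"
    "password sufficient pam_unix.so sha512 shadow use_authtok\n"
)

def active_lines(text):
    """Yield lines with comments and blank lines stripped."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            yield line

def setting(text, key, sep):
    """Return the integer value of key, or None when it is not set."""
    for line in active_lines(text):
        m = re.fullmatch(rf"{re.escape(key)}{sep}(-?\d+)", line)
        if m:
            return int(m.group(1))
    return None

def audit(login_defs, pwquality, pam_password, max_age=90, min_len=12, remember=5):
    """Return one finding per weak control; the thresholds are assumed values."""
    findings = []
    age = setting(login_defs, "PASS_MAX_DAYS", r"\s+")
    if age is None or not 0 < age <= max_age:
        findings.append(f"expiry: PASS_MAX_DAYS={age}, want 1..{max_age}")
    length = setting(pwquality, "minlen", r"\s*=\s*")
    if length is None or length < min_len:
        findings.append(f"complexity: minlen={length}, want >= {min_len}")
    dcredit = setting(pwquality, "dcredit", r"\s*=\s*")
    if dcredit is None or dcredit >= 0:  # only a negative dcredit requires digits
        findings.append(f"complexity: dcredit={dcredit}, digits not required")
    kept = 0
    for line in active_lines(pam_password):
        if "pam_pwhistory.so" in line:
            m = re.search(r"\bremember=(\d+)", line)
            kept = int(m.group(1)) if m else 10  # module default is 10
    if kept < remember:
        findings.append(f"history: pam_pwhistory remember={kept}, want >= {remember}")
    return findings

if __name__ == "__main__":
    for finding in audit(LOGIN_DEFS, PWQUALITY, PAM_PASSWORD):
        print(finding)
```

PASS_MAX_DAYS only applies to accounts created after it is set; existing accounts, root included, keep the ageing values stored in /etc/shadow, which `chage -l <user>` displays.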

Technical Resources: Password Policy in Connect Xf
