How can enterprises defend against weak cloud passwords?
Weak passwords are a common threat for enterprises that rely on cloud services. Expert Dejan Lukan summarized some best practices on passwords.
Cloud services have sprung up in the past few years and are widely used by individuals and companies. However, the large number of cloud services and applications also brings many secrets that users must remember in order to connect to and use them.
Weak cloud passwords
So many cloud services can be accessed with some credential, such as a password, a PKI key, or another method, that attackers naturally have many opportunities to access them. In most cases, you only need to provide the correct password to access a cloud service from anywhere in the world over the Internet. This is why passwords are a single point of failure (SPOF); weak cloud passwords can easily be obtained by attackers and used to access cloud services.
To prevent weak passwords, it is very important to follow password security best practices when setting or changing a password, including:
Initial password: if the password was set by a third party as an initial default value, reset it so that a copy stored somewhere in a history or cache does not reduce overall security.
Shared password: when setting a shared password, select one that is not used anywhere else. If you use the same password for another service, an attacker who obtains it can access both cloud services.
Password validity period: in case an attacker has cracked the password and can access cloud services, it is critical to change the password every 90 days. This helps prevent the attacker from continuing to authenticate and stealing more sensitive information.
Minimum password length: the password should be at least 8 characters long, although we usually recommend a longer password. Building the password from a sentence improves security.
Password strength: the password should contain lower-case and upper-case letters, numbers, and special characters. This ensures that an attacker must try many more combinations to successfully crack the password.
Password history: save the historical versions of the password, which allows the system to compare a new password with the historical passwords and determine whether it is too similar to any of them. If it is too similar, the password change should be rejected.
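The rules in this list can be enforced when a password is changed. The following Python code is an added example, not code from the original article; the function names, the 0.8 similarity cut-off and the PBKDF2 parameters are assumptions. It checks similarity only against the current password, which the user supplies at change time, and keeps earlier passwords as salted hashes, so the history detects exact reuse without storing plaintext.

```python
import hashlib
import hmac
import string
from datetime import datetime, timedelta
from difflib import SequenceMatcher

MIN_LENGTH = 8                 # minimum from the list above; longer is better
MAX_AGE = timedelta(days=90)   # validity period from the list above
MAX_SIMILARITY = 0.8           # assumed cut-off for "too similar"
CLASSES = {
    "lower-case letter": string.ascii_lowercase,
    "upper-case letter": string.ascii_uppercase,
    "digit": string.digits,
    "special character": string.punctuation,
}

def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 digest, so the history never stores plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def policy_violations(new: str, current: str, history: list) -> list:
    """Return the rules that `new` breaks; an empty list means it is accepted.

    `current` is the password typed in at change time; `history` is a list of
    (salt, digest) pairs for earlier passwords.
    """
    problems = []
    if len(new) < MIN_LENGTH:
        problems.append("too short")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in new):
            problems.append(f"missing {name}")
    ratio = SequenceMatcher(None, new.lower(), current.lower()).ratio()
    if ratio > MAX_SIMILARITY:
        problems.append("too similar to current password")
    if any(hmac.compare_digest(hash_password(new, salt), digest)
           for salt, digest in history):
        problems.append("reused from history")
    return problems

def is_expired(last_changed: datetime, now: datetime) -> bool:
    """True once the password is older than the validity period."""
    return now - last_changed > MAX_AGE

if __name__ == "__main__":
    # Constructed sample data, not real credentials.
    old = [(b"salt-1", hash_password("Summer2022#Vault", b"salt-1"))]
    for candidate in ("Winter2024!Cloud", "Summer2022#Vault",
                      "correct-Horse-7-battery-staple"):
        print(candidate, policy_violations(candidate, "Winter2023!Cloud", old))
```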
Cloud password manager
So many passwords are used and managed in our daily lives that it is almost impossible to remember them all. Humans are not good at remembering a large set of random passwords and can only recall a few. That is why we have to find an alternative solution, such as a password manager.
A password manager is a program running on a system that encrypts all passwords and stores them on a hard disk. Whenever a user wants to obtain a password, he or she must provide the master key. All other passwords are encrypted with the master key. This allows the user to obtain a plaintext version of the password, which can then be used to log on to the cloud service. Generally, the password is placed in the clipboard and can be pasted into the password input box.
There are many password managers for different operating systems that run as independent programs. Some password managers are also available as plug-ins for different Web browsers. Some open-source password managers include Gpass, KeePass, LastPass, Revelation, Gorilla, KeePassX, and Pass.
Pass is one of the most popular password managers, because it does not have a graphical user interface (GUI) and must be used from the command line. This gives it an advantage, because it can easily be used on cloud systems, which usually do not support a GUI.
The Pass password manager is also included in the package repositories of most Linux distributions, so in most cases it can be easily installed through the default package manager. This is why installing and using Pass is relatively simple. Pass requires the creation of a GNU Privacy Guard (GPG) key, after which passwords can be easily added to its password store.
When a user needs to enter a password to authenticate to a cloud service, the password manager requires that the master key be provided. After the user provides the correct master key, the required password is copied to the system clipboard and can be pasted into the cloud service's login form. Once the user is authenticated, the password should be deleted from the clipboard to defend against malicious software that steals information through the system clipboard. The password will be automatically deleted after 45 seconds, so you do not have to worry about manual deletion. This is a required function of any password manager, because it provides an important safeguard against insecure password management.
Good cloud security requires strong cloud passwords
Every day, everyone must use and manage many passwords. Many of these passwords are used for cloud service authentication, which makes them very important for cloud security. To properly protect ourselves from using insecure passwords, we must select strong, long and random passwords and store them in a password manager.
By using a password manager, we can follow the best security guidelines and create many strong passwords without remembering them all. The password manager requires a master password to decrypt the other passwords used for cloud service authentication. Therefore, we only need to remember one primary password to obtain access to the remaining passwords. By using a password manager, we do not have to remember any of the passwords stored in it, but still enjoy the security benefits of strong passwords.