Password security policy: Find the balance between people and passwords

Every day after people go to work and connect to the internet, they need to enter all kinds of IDs and passwords to enter the work system, mailbox system, management system ...... in their spare time at work, people also go to communities, blogs, and social networking websites, and also need to enter various passwords. Passwords are closely related to people's work, life, and learning.

Nowadays, many enterprises and employees usually use passwords to protect their confidential data and work information. However, it is followed by frequent incidents of theft of a Community password, which leads to theft of work information. The root cause is that the company and its employees still have misunderstandings in password settings, which associate the work password with the casual password and give a chance for malicious attackers to intrude into the password.

Some people may set the password very easily, for example, "123456" or "112233", to make it easier to remember the password ", in addition, the initial passwords for many bank cards are "111111", "666666", and "888888". You may also write the passwords in the notepaper and paste them on the company's computer display screen; or, the password is the same, regardless of the company system or kaixinnet.

The password settings of many enterprises are also very regular, and you can guess them by simply arranging and combining them. For example, the switch password used by a company is "company name with several letters + company phone number ". Some internal system administrators even use the default account and password when managing the company's server systems.

The above misunderstandings in password settings put forward the most critical line of defense that should have protected confidential information, and deliver them to malicious attackers. Password is one of the important measures to protect confidential data of enterprises. From a security perspective, passwords that are least prone to cracking must be complex enough and random without any regularity. However, from a human perspective, passwords must be easy to remember and manage. Therefore, the best password is to balance the password with people.

At present, there is a type of password that reflects the balance between the password and the person, and has a high security. In this type of segmented passwords, some of them are stored in the USB Key, and some are 4-6 fixed passwords that need to be remembered by people themselves, another part is the random password triggered during each use. The random password is sent to the user's mobile phone every time the user uses it. The three parts are combined, to open protected objects such as systems and devices. This is like some previous confidential systems that require password, fingerprint, Iris, sound, DNA, and other verification before they can be accessed. The multiple password systems will not be easily forgotten, it also greatly improves system security.