Monday 10th June, 2019 | By Nicola Macdonald

Microsoft change password expiry recommendations

What have they changed? Rather than recommending 60 day password expiry, they say only change the password when you need to. Essentially, when you think it may have been breached.

Microsoft has changed their password expiry recommendations and have made a bit of a splash about it.

What have they changed?

Rather than recommending 60 day password expiry, they say only change the password when you need to. Essentially, when you think it may have been breached.

This isn’t a new standard. The NCSC (National Cyber Security Centre) has been pushing at this for a couple of years.

The thinking is that passwords aren’t a great way to secure your data and accounts. This is because:

  • By the time you make a password complex enough to be secure, it’s too complicated to remember.
  • If we enforce regular password changes, most people end up breaking the system by changing just one thing – whether adding 1 to the mandated number or cycling through punctuation or colours – if someone knows your password was RED56tea%, changing it to RED57tea% isn’t really a change.

What can be done to reduce the risk of password theft?

  • Multi-factor authentication
  • Banning poor or known leaked passwords
  • Password throttling (block more than 10 attempts in 5 minutes) and
  • Detection and blocking of logins from suspicious locations

Other password best practices include:

  • Randomly generated passwords held in a password manager, so that even you don’t know them
  • Use multi-factor authentication wherever possible – something you know (password) and something you have (your mobile)
  • Don’t reuse passwords and don’t just change one number when a password expires
  • Don’t share passwords with other people

If you suspect a weakness in your password policy and would like some advice, please get in touch.

A Little More Light Reading

What you need to know about 5G

Thursday 19th September, 2019 | By Nicola Macdonald

We shed some light on your 5G questions. When is 5G coming to my town? Will 5G help me with my poor broadband? Does 5G mean I need a new phone?

View Blog Post

4 Step Process

Our 4-steps guide you through the process
1

Get in Touch

Call, email or fill in our contact form.

2

Arrange a Meeting

We'll get together to discuss your needs.

3

Proposal

We'll prepare a comprehensive proposal.

4

Onboarding

We'll ensure your move to nTrust is seamless.

Here to Help

Remote assistance is just a phone call away