What should a password in the cloud look like?
The name and year of birth of your child: perfect! Such a password is easy to remember, but it is definitely not secure. As the person in charge you know this, but do your employees who work in a cloud environment know it too? How can you ensure that users only use strong passwords? Our instructions will tell you.
Azure AD Password Protection
Protect your business by detecting and blocking known weak passwords and their variants. Optionally, block weak terms that are easy to guess and can be used to identify your company. These recommendations are available for end users and administrators:
For IT Administrators
1. Maintain a minimum length requirement of 8 characters (however, longer is not necessarily better here either).
2. Eliminate character composition requirements.
3. Eliminate the mandatory regular password resets for user accounts.
4. Ban common passwords to keep the most vulnerable passwords off your system.
5. Educate your users not to reuse their work password for private logins.
6. Enforce registration for multi-factor authentication.
7. Enable risk-based multi-factor authentication challenges.
Global list of locked passwords
There is a global list of locked passwords. This list is regularly extended by the Azure AD security analysis. Whenever a password is changed or reset for a user in Azure AD, Azure AD uses the current version of the global list of locked passwords as key input when validating the strength of the new password. This enables very strong passwords for all Azure AD customers. In addition, you can lock typical company and customer names, phrases or abbreviations using a user-defined list. Note: The user-defined list for locked passwords is limited to 1000 entries by default. It is therefore recommended that you use an efficient procedure when adding locked passwords, that is, decide what belongs on the list and what does not.
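An added example, not part of the original article or of Microsoft's tooling: one way to stay within the 1000-entry limit is to collapse candidate terms that differ only by case, common character substitutions or a single character before adding them to the user-defined list. The substitution table, the 4 to 16 character term length, the one-character tolerance and the sample terms are assumptions made for this example.

```python
# Added example: prune candidate terms for the user-defined locked-password list.
# Assumptions (not from the article): the substitution table, the 4-16 character
# term length, the one-edit tolerance and the constructed sample terms below.
MAX_ENTRIES = 1000          # default limit quoted in the article
MIN_LEN, MAX_LEN = 4, 16    # assumed per-term length bounds
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "$": "s", "@": "a"})


def normalize(term):
    """Lower-case the term and undo common character substitutions."""
    return term.strip().lower().translate(SUBSTITUTIONS)


def within_one_edit(a, b):
    """True if a and b differ by at most one insert, delete or replace."""
    if abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a                      # make a the shorter (or equal) string
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if i == len(a):                      # identical, or b has one extra last char
        return True
    if len(a) == len(b):                 # one replaced character
        return a[i + 1:] == b[i + 1:]
    return a[i:] == b[i + 1:]            # one inserted character in b


def build_list(candidates):
    """Return (kept, dropped); dropped holds (raw term, reason) pairs."""
    kept, dropped = [], []
    for raw in candidates:
        term = normalize(raw)
        if not MIN_LEN <= len(term) <= MAX_LEN:
            dropped.append((raw, "length"))
        elif any(within_one_edit(term, k) for k in kept):
            dropped.append((raw, "variant"))      # already covered by an entry
        elif len(kept) >= MAX_ENTRIES:
            dropped.append((raw, "over limit"))
        else:
            kept.append(term)
    return kept, dropped


if __name__ == "__main__":
    # Constructed sample input: company names, variants and a too-short term.
    sample = ["Contoso", "C0nt0so", "contoso1", "HQ", "Fabrikam", "f@brikam"]
    kept, dropped = build_list(sample)
    print("add to list:", kept)
    print("skipped:", dropped)
```

The "skipped" output shows which candidates would only have used up entries without adding coverage under these assumptions.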
Making attacks on passwords in the cloud more difficult
In the cloud, apps and services are shared by internal employees, external parties and customers, so strong passwords are important for all users in order to make attacks on weak passwords more difficult. Protecting cloud-only accounts is good and helpful, but many organizations currently use hybrid cloud structures that include a local Windows Server Active Directory. The security benefits of Azure AD password protection can also be integrated into your Windows Server Active Directory environment by installing local agents. Users and administrators who change or reset passwords in Active Directory then have to follow the same password policy as cloud users.
Password protection in the cloud is a very important and complex issue. Every company works in an individual cloud environment with different technical conditions and requirements. Our security experts have up-to-date background knowledge and years of experience in implementing strong password policies in the cloud. They will provide you with the necessary assistance in setting up the blacklist. Please do not put off this topic and contact us at any time.