Strong Password Practices
Although a strong password will not prevent attackers from trying to gain access, it can slow them down and discourage them. In addition, strong passwords, combined with effective access controls, help to prevent casual misuse.
Strong passwords are ones that are not easily guessed. Since attackers may use automated methods to try to guess a password, it is important to choose a password that does not have characteristics that could make it vulnerable.
Strong passwords should not include:
- Words found in the dictionary, even if they are slightly altered, for example by replacing a letter with a number.
- Personal information such as birth date, names of self, or family, or pets, social security number, or anything else that could easily be learned by others. Remember: If a piece of information is on a social networking site, it should never be used in a password.
Strong passwords should:
- Be at least eight characters in length. Easiest way to make passwords stronger is to make it longer.
- Include a combination of upper case and lower case letters, one number and at least one special character, such as a punctuation mark.
- If you have trouble managing passwords, use a password manager/password management utility.
NetSuite’s supports strong password functionality
- NetSuite provides fine-grained password configuration options—from minimum password length and complexity to timeframe-based password expiration.
- Supports password policies to ensure that new passwords vary from prior passwords.
- Provides complexity rules to ensure passwords are a strong mix of characters.
- NetSuite accounts are automatically locked out after unsuccessful login attempts.
- For additional access control, NetSuite optionally supports multifactor authentication using RSA SecurID to further minimize unauthorized access.