Why your password coverage ought to embrace a customized dictionary

In case your group is like many, your workers could also be counting on weak or simply guessable passwords — and inadvertently rolling out the crimson carpet for hackers and cybercriminals within the course of. So how do you cease your employees from leaving the keys to your group’s information and methods beneath the proverbial doormat? Integrating a customized dictionary into your password coverage must be a part of the answer.

On this publish, we’ll discover customized dictionaries: what they’re, why you’ll be able to’t afford to disregard them, and the way they match into your cybersecurity technique.

We’ll additionally present examples of the sorts of phrases and phrases your customized dictionary ought to embrace and talk about how a software like Specops Password Coverage can seamlessly combine these dictionaries into your current Lively Listing password coverage.

What are customized dictionaries?

Customized dictionaries are specialised lists of phrases, phrases, and character combos that finish customers are prohibited from utilizing when creating their passwords. A customized dictionary must be rather more than an ordinary glossary; it ought to embrace phrases particular to your group, in addition to widespread phrases and phrases related together with your business.

Primarily, incorporating a customized dictionary into your password coverage offers your group an extra layer of protection in opposition to focused credential-based assaults. 

Why are customized dictionaries wanted?

Customized dictionaries are essential for quite a few causes:

• Finish customers create weak or easily-guessed passwords: Even together with your greatest training efforts, people are creatures of behavior — which means many customers will go for easy-to-remember (and due to this fact easy-to-guess) passwords. These embrace private info (their partner’s title), widespread phrases (admin, password), or easy variations of banned passwords (qwerty123!). One other tempting and memorable possibility is to decide on phrases associated to your particular enterprise or business.
• Threat of brute pressure/hybrid dictionary assaults: Cybercriminals continuously make use of brute pressure and hybrid dictionary assaults to crack passwords — and if you happen to don’t have a customized dictionary in place, these sorts of assaults might be extraordinarily efficient. For instance, they might add your group’s title and merchandise to their assault dictionaries, within the hope that at the very least a handful of finish customers have used these phrases of their passwords.
• Social engineering and focused assaults: Cybercriminals can simply collect details about your group and its workers via social media and different public sources. Then, they will use this data to create focused phrase lists for his or her password-cracking makes an attempt. Guaranteeing your customized dictionary contains company-specific phrases and customary worker info may help thwart these assaults. 
• Trade-specific vulnerabilities: Each business has its jargon and generally used phrases, and hackers use this data to higher goal their password assaults. Remember to beef up your customized dictionary with business lingo — it is a easy manner so as to add an additional layer of safety to your password coverage.

How is your group’s total Lively Listing password well being? Discover out now with a free, read-only test with Specops Password Auditor. 

Customized dictionary examples

To raised perceive the idea of customized dictionaries, think about that you just deal with IT for the Mid Cheshire NHS Basis Belief – a regional healthcare basis who reached out to Specops to assist strengthen their password safety. As you’re creating customized dictionaries in your group, you’d wish to embrace phrases and phrases like: 

Trade phrases

As in different industries, healthcare professionals typically default to business jargon when creating passwords. To raised defend your group, you’d wish to guarantee your customized dictionary included phrases that an attacker aware of the healthcare sector may attempt first. Examples embrace:

• NHS (Nationwide Well being Service)
• A&E (Accident and Emergency)
• Triage
• Outpatient
• Inpatient

Group-specific phrases

Phrases distinctive to your group could be among the many first guesses for anybody focusing on it particularly. To scale back the danger of those focused assaults, make sure that your customized dictionary prevents their use in passwords. Examples embrace:

• Mid Chesire
• NE (acronym)
• Basis belief
• Ward names (e.g., Nightingale, Florence)
• Division names (e.g., Radiology, Pathology)
• Hospital constructing names (e.g., Victoria Wing)

Widespread password patterns

Along with business and organization-specific phrases, you wish to stop customers from counting on widespread, simply guessable codecs. Prohibiting customers from following widespread password patterns will pressure them to create distinctive passwords. Examples embrace:

• NHS2024!
• Welcome123!
• ChangeMe1!
• NurseRN2024
• Dr[Lastname]2024

Specops Password Coverage makes customized dictionaries straightforward

Integrating customized dictionaries into your password insurance policies will assist improve your group’s safety, holding your customers, information, and methods secure. However what’s one of the simplest ways to make that occur? For many organizations, a software like Specops Password Coverage is your greatest wager.

With Specops Password Coverage, you’ll be able to simply create and import tailor-made lists of prohibited passwords, seamlessly integrating them into your Lively Listing surroundings. 

Combining your customized dictionaries with Specops’ breached password safety function — which scans your Lively Listing for over 4 billion identified compromised passwords — lets you mount a robust protection in opposition to dictionary assaults and password reuse.

These instruments will assist you to improve your group’s Lively Listing password safety, scale back danger of safety breach, and guarantee you’re assembly compliance with business requirements.

Able to make your group safer by including a customized dictionary and banishing over 4 billion+ compromised passwords?  

Strive Specops Password Coverage without cost. 

Sponsored and written by Specops Software program.