Five Best Practices To Alleviate Employee Password Burdens While Reducing Security Risks

Although security and risk (S&R) pros lament the problems posed by passwords, passwords remain the most common form of employee authentication for IT systems. Passwords frustrate both employees and administrators, who increasingly have to devote valuable time dealing with password issues instead of higher-value tasks that support business initiatives and serve customers. Even though many security teams envision a password-free world, that nirvana is not a likely short-term reality. In 2015, Forrester conducted a survey to identify firms' current password policies, usage, and challenges. In the first report of our series The State Of Employee Passwords, we reviewed the survey's key findings and offered practical guidance on dealing with immediate challenges. This report serves as a companion report and offers five best practices regarding password policies and management so that S&R pros can effect meaningful changes that improve employee experience and reduce security risks while they make long-term preparations for password replacement.