Unique IDs
Every person must have their own unique ID to access the system. This helps identify who was responsible if a data breach occurs, and it discourages people from doing anything harmful since they can be held accountable.
Strong passwords
Good passwords should:
- Be at least 12 characters long
- Include both letters and numbers
- Change every 90 days
- Be different from your last 4 passwords
Never use generic usernames or passwords like "Admin" or "guest." If something goes wrong, generic accounts make it impossible to determine who was responsible.
Why this matters
Each user needs:
- A unique, personal username (not generic)
- A strong password with at least 12 characters
- Regular password updates every 90 days
Remember to remove or disable any user accounts that are no longer needed. This prevents unauthorized access through old accounts.