The proper response and secure distribution strategy following a username and password hack would first be to disable
all of the accounts that may be compromised and reset the passwords to meet stringent complexity requirements. Next put your team's forensic skills to work to determine -- with certainty -- how the enterprise's security controls were breached. Then present those findings to management and present a plan to modify those controls or implement new ones to mitigate the risk going forward.
Changing and increasing the complexity of a password significantly reduces the likelihood of the account being hacked, but only if you've already determined how the original compromise was achieved and appropriately responded to it.
For more information:
- Learn how to prevent SSH brute force attacks that can compromise passwords.
- Be prepared for security breaches with security breach management planning and preparation.
Dig deeper on Password Management and Policy
Related Q&A from David Griffeth, featured expert
Are users at your enterprise creating weak passwords that could potentially lead to serious data breaches? In this identity and access management ...continue reading
Virtualization is a technology that's taking off, but how can information security professionals know how it will interact with their existing ...continue reading
Periodic access reviews for enterprise identity and access management (IAM) can help ensure the necessary personnel have access to essential systems ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.