PageUp Passwords — Housekeeping and Best Practice
SSO (Single Sign On)
If you’re not using Single Sign On, you really should and you can bet your IT and Security departments will be all for it.
What’s so good about Single Sign On from a Security perspective?
- No new password to create
- No new password to remember
- Just use your work login to authenticate to PageUp automatically!
- All your work password policies are automatically compliant for PageUp
Good for Security, good for you (no more password resets and account unlocks etc), good for all your staff that use PageUp. Thumbs up!
Check out our Knowledge Portal if you want to know more, or as always, speak to your Technical Account Manager about it.
Single sign on
Single sign-on (SSO) is a secure way to link two separate systems so that users of those systems do not have to…
If you aren’t using SSO, then read on, we still have some tips and best practice to share with you.
Non SSO Password Tips
As a SuperUser of PageUp systems, Security is probably one of the last things on your mind.
In the end, as a consumer of our SaaS solution, you entrust us to handle Security!
The below points out a few of the client configurable password items within the PageUp system that you as a SuperUser can configure to ensure the best possible Security posture for your PageUp Instance.
Bad Password List
PageUp comes with a “Bad Password List” already setup and defined, but Security never sleeps and these lists are updated often with the weakest and most abused weak passwords.
I’ve done the hard work for you and already collated the top 100 worst passwords of 2017 (along with some other PageUp suggestions), ready for you to use in your system in a few clicks.
To implement this updated list is really simple, just follow the steps below -
- Click settings in Admin
- Search for “Bad Password” and press Enter
- Click the pencil to edit your current bad password list.
- Copy the entire line from the code sample below.
- Paste/append it to your current list
- Click Save!
Other Password Best Practice
Password Minimum Length
Set a good, secure minimum length for your passwords, I’d recommend at least 10 for Admin.
If required, you can also set password expiry and configure the the period in which this occurs.
As a reminder, PageUp already default the following -
- Ensuring that passwords contain at least one numeric and one alphanumeric character
- Preventing users from reusing their previous 12 passwords
There are additional safeguards that we recommend users follow when creating their account password.
- Select a password that contains a combination of numbers and letters that you can remember easily but has no meaning to anyone else. Possibly think of a phrase like “super secure”, and create an abbreviation that substitutes numbers/symbols for select letters such as “$uper5ecure”
- Avoid using the same password for different systems
- Use a password manager
- Never write your passwords down or send them via e-mail or instant messenger
As above, the easiest way to automate password management is with SSO, however if this isn’t implemented currently, PageUp gives you the tools to manage these elements.