2. Use Irreversible Password Encryption
It is important to keep passwords safe. Using irreversible encryption is the best way to manage passwords. This means that passwords are stored in hashed form, so they cannot be restored to their original form. Some important things about password encryption:
- Hashing: This process converts the password into a permanent string of characters that cannot be reversed.
- Use powerful hashing algorithms such as bcrypt, Argon2, or PBKDF2 to improve the security of password storage.
- Don’t use reversible encryption as this could allow an attacker to regain the original password if they manage to access the database.
3. Align Password Policy with Azure Active Directory
Aligning local password policies with policies in Azure Active Directory (Azure AD) is important to maintain consistency in identity and access management. Some steps that can be taken are:
- Make sure that policies in Azure AD include conditions such as minimum password length, complexity, and expiration date.
- Use features like Conditional Access and Identity Protection to add an extra layer of security for users.
- If you’re using synchronization between on-premises Active Directory and Azure AD, make sure that the policies in both environments are mutually supportive and don’t conflict.