Conclusion: People are and will be using passwords for the foreseeable future despite the numerous efforts underway to dispense with them. Managing them and particularly resetting them are ongoing costs for organisations.

Passwords are also a significant contributor to breaches. They are either captured during credential-grabbing efforts, leaked in a data breach or just too easy to guess.

Yet there are excellent guidelines in existence to assist people to minimise the possibility of passwords being cracked or guessed. Some involve implementing good policies, and most involve making it easier for users to create, remember and use passwords.

Existing Client Login



This advisory paper is only available to IBRS advisory clients. To find out more about becoming an IBRS advisory client complete the attached form and we will be in touch.

Please let us know your name.
Please let us know your email address.
Please enter a valid phone number
Invalid Input
Invalid Input

Read more ...



Peter Sandilands

About The Advisor

Peter Sandilands

Peter Sandilands is an IBRS advisor who specialises in cyber security, risk and compliance. Peter has over 40 years’ experience in the IT industry with the last 20 years focused on security. He has spoken at conferences and industry briefings across Asia Pacific. Peter was instrumental in the introduction of Check Point Software to Australia, leading the operation for five years. Prior to that Peter was a key strategist in the broadening of Novell’s market across Asia Pacific. Since then he has spent nearly 10 years working for large Australian companies in banking, mining and transport delivering security strategy, security architecture and compliance assessments. Peter has also assisted overseas security vendors enter the Australian market with a focus on the strategic use of the products. As a casual academic at UTS for over 20 years, Peter lectured in network security, Cloud security and networking technologies. With his experience across vendors, channel and business, Peter brings a pragmatic approach to implementing and assessing cyber security. Peter has a Master's of Cyber Security from Charles Sturt University.