RyanTech Blog

News and Insights

How To Set a Strong Password in Office 365

​Keeping your company's e-mail and Office 365 accounts safe from security breaches can seem like a full time job these days​. With the amount of sensitive information within each account, and/or  the entire tenant, it's important to have the right processes in place, so setting a strong password for your account access seems like a no brainer, right?!? Well, for some users, not so much. We have to remember that your account password is essentially the first line of defense for your account, so here are some things that can be done to set a strong password and reinforce that strong password.

Setting a Strong Password

There are a number of industry standard ways to get your password as strong as possible. Here's a list of what can be done to make them very hard to guess:

  1. Password is at least eight characters long
  2. Password does not contain your user name, real name or company name
  3. Password does not contain a complete word
  4. Is significantly different than previous passwords
  5. Contains uppercase letters, lowercase letters, numbers, and symbols 
  6. Business account passwords are not the same as personal account passwords
Remember, the harder the password is to guess, the better. There are tools that hackers can use to automatically guess passwords quickly, so less common passwords are best.

MFA and Conditional Access Policies

There are also some other processes that can be put into place to reinforce your strong passwords and make it harder for bad actors to gain access:

  1. MFA - MFA is becoming the standard for Office 365 account security. It offers another layer of security by requiring the user to input a code, sent to a user's device via text or call, to access the account. This almost makes it impossible to breach as the hacker would also have to have that code to login.
  2. Conditional Access Policies - With this in place, policies can be created and customized to react with sign-in events and require additional actions before the user is granted access to an account, application, and/or service. These can be as granular and specific as they need to be and a great way to add an extra layer of protection. Here are some common policies that can be created:
                    - Requiring MFA for admin roles

                    - Blocking sign-ins for users using legacy authentication protocols

                    - Blocking or granting access for specific locations

                    - Blocking risky sign-in behaviors

Breach detection tools are also a great way to get an administrative view into how protected your tenant is from attacks. That's why we built Cloud Protect. Cloud Protect can satisfy this gap in Office 365 by giving you transparency into what is happening with your e-mail tenant and sign-in attempts, and will show us bogus sign-in attempts as well as actual breaches.

We are always here to talk through your security protocols with you and have a lot of experience setting them up, so reach out to us if you have questions about how you can further secure your business' Office 365 environment.

Recent Posts

We Speak Cloud

Our dedication is to the cause of truly helping our customer's business flourish by fine-tuning their own business operations.

Request a Free Evaluation