Strong password and use of 2FA (two factor authentication) or MFA (Multi Factor Authentication) are important aspects of device and software security. We all have passwords for multiple systems that are used for business related purposes and it is important for all team members to take the appropriate steps to secure their passwords. The full password policy is available here (internal link).
- Passwords must be sufficiently strong such as to make cracking or guessing difficult. Where possible, passwords should be randomly generated (you can do this using 1password)
- Do not use the same password for access to Made Tech systems as for any personal accounts. If you do this, and your Made Tech password is compromised, it will open your personal accounts up to vulnerabilities and vice versa.
Made Tech uses 1Password as its main password repository. 1Password is administered and maintained by Aura. There are group vaults which are managed by the teams who use them, but also private vaults where you can store your own information.
Please use this as your only password management tool for Made Tech and client passwords.
Your password to access 1Password should conform to the password policy. Biometrics is an acceptable method of accessing 1Password and the 1Password extension on Google Chrome is also fine to use.
Cracking passwords or a brute force attack are not the only ways in which individuals with bad intentions can get into the Made Tech systems. Social engineering also makes us vulnerable. Attackers will use techniques to gain your trust, or take advantage of inattention or a desire to be helpful to obtain passwords.
- Be aware of someone using social engineering to gain access to your password / account
- Do not store passwords on your device outside of 1Password
- Do not write passwords down
- Be sure you're entering your password in to a legitimate website
- Passwords should generally not be shared. When these is need to share a piece of secure information do so via 1Password
In all cases, report anything you think is amiss!
Wherever possible Made Tech enforces 2FA/MFA or implements SSO. Please ensure you are enabling 2FA where it is available.