Have you read the stories in the papers and online about using stronger passwords? Industry journals are even reporting about professional security researchers being hacked. Poor password management has surpassed lack of antivirus protection as the biggest security concern.

One article referred to a medical practice that recognized the need for strong password policies and required each user to have a strong, mixed alphanumeric password for different applications and resources. The only problem was that users adorned their monitors with Post-it notes with scribbled passwords.

And there's more to be concerned about. Users are publishing so much personal information about themselves that all hackers have to do is troll Facebook, MySpace and Twitter for the answers to questions like "favorite pet's name" and "mother's maiden name." 

Password management isn't trivial. Sometimes it's just simple common sense - like never write down a password on a Post-it note. We recommend following best business practices and creating passwords that feature uppercase and lowercase letters, numbers, and characters.

We also recommend that business owners establish policies and automated systems for forcing password rotation. Has your IT provider set up automated systems for your company's protection? If you're not sure, or have any questions, please call or email me.