skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration


Passwords aren't going away anytime soon, yet enterprises continue to follow outdated password policies. Organizations should review policies and add security layers around passwords.


  • Organizational password policies have rarely been updated in line with advice from independent cybersecurity advisory agencies.

Features and Benefits

  • Assesses the current approach to password management.
  • Analyzes additional controls on top of passwords.

Key questions answered

  • What should organizations consider for password management?
  • Why should password expiry not be enforced?

Table of contents

Ovum view

  • Summary
  • Password policies are outdated
  • Enterprises should stop enforcing regular expiry of passwords
  • Multifactor authentication layers additional controls on top of passwords
  • Everyone must take responsibility


  • Further reading
  • Author

Recommended Articles


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team: +44 7771 980316

Asia-Pacific team: +61 (0)3 960 16700

US team: +1 212-652-5335

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now