Strong Password Policy Requirements Protect Data, Systems (AAFCPAs)

November 7, 2022 - AAFCPAs

This is a thought leadership article from PrimeGlobal member firm AAFCPAs in which they share their insight into why having strong password policy requirements protect data and IT systems from potential security threats.

Access our Technology hub for more thought leadership on one of the topics that matters most to our member firms. Interested in sharing your own thought leadership with PrimeGlobal members? Submit an article here.

In the Information Age when all of our personal data is stored online, it is more important than ever to have a robust password policy, as this offers the first line of defense to any possible data breach within your organisation.

It remains a critical, and ever-evolving challenge to protect your organization’s data, and operations from destructive forces such as unauthorized users, cyberattacks, and data breaches, are constantly looking to hack accounts that remain vulnerable through poor cyber security. As Director and IT Cyber Security expert Andrew Mathieson from AAFCPAs explains, the first level of security from any such attack is the implementation of a strong password policy to protect your firm.

However, balancing risk and user-friendliness remains challenging, with 55% of people relying on their memory to manage passwords, according to Furthermore, many people keep hard-copy lists of their passwords, which is far from ideal!

AAFCPAs have some great tips for strong password management, and explain that to be effective, password management goes beyond password strength, with one of the important factors in protecting data, is regular education and updates for employees.

In addition, AAFCPAs advise their clients to encourage the use of passphrases and set the maximum password field length at 20-64 characters as one way to combat the data hackers.

For this, and more of their great strong password policy recommendations you can read the full article here.

Mathieson Andrew 002
“Our practice area provides Information Risk Management & Cybersecurity, as well as Business Intelligence & Productivity, and special IT attestations. We help businesses strengthen the links between people, process, and technology—and manage risks—which has been a true differentiator for our clients.” Andrew Mathieson, Director, AAFCPAs

Content by:


AAFCPAs is considered an attractive alternative to national CPA firms by discerning clients who appreciate exceptional value. We provide audit, tax, accounting, and advisory solutions to non-profit organizations, commercial companies, and wealthy individuals/estates. Since 1973, our sincere approach to business and service excellence has built a thriving firm, with 3 offices in Massachusetts, driven by an altruistic mission to improve the economic well-being and quality of life for all our constituents. AAFCPAs donates 10% of its net profits annually to non-profit organizations..

Learn more