Weak control over access to computer systems increases the risk that the systems may be accessed by unauthorized people. To strengthen these controls, employee passwords should be changed on a regular basis. Strong passwords, such as those using a greater number of characters and randomized characters, should be required. Employees should not share passwords or usernames.
Public entities should also consider computer system security issues when using volunteer staff.
Date this Avoiding Pitfall was most recently published: 5/8/2015