Complimentary Gartner Report

Quick Answer: What Does a Good Password Policy Look Like?

As per Gartner, “Despite the advent of passwordless authentication, passwords persist in many use cases and remain a significant source of risk and user frustration. SRM leaders responsible for IAM should craft a clear and actionable policy that discards ineffective legacy rules to better balance security and UX.”

ID G00745221

With over 80% of data breaches being associated with weak, stolen or shared passwords, it is imperative for businesses to ensure that their password policies are strong enough to secure people’s password practices.

Gartner, a company that delivers actionable, objective insight to its executive and their teams, ask the question “How can I write a password policy to ensure that our employees will use strong passwords?”

Download your complimentary report to get full access to Gartner guidance about password policies.

Be guided by Gartner®,
Download Research

    By 2025, more than 50% of the workforce and more than 20% of customer authentication transactions will be passwordless, up from less than 10% today.


    Secure & Replace Passwords

    Secure & Replace Passwords

    Reduce the complexity and risk of existing passwords.

    Ensure Regulatory Compliance

    Comply with governing bodies and achieve best practice NIST standards.

    Passwordless & Deviceless Authentication

    Choice of multiple login processes adapted to your environment.

    Gartner, Quick Answer: What Does a Good Password Policy Look Like?,Ant Allan,Refreshed 6 June 2022, Published 17 June 2021
    Gartner,Take 3 Steps Toward Passwordless Authentication,Ant Allan,Published 19 October 2021

    GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Authlogics. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.