Describe how your business handles passwords and we'll grade it A–F against modern security standards. Most businesses are surprised how outdated their policies are.
Most small business password policies fail the basics — not because people don't care, but because the advice from five years ago is now wrong. Forcing 90-day expirations makes passwords weaker, not stronger. Complexity requirements ("must include a symbol!") encourage predictable patterns. Modern NIST guidance says longer passphrases beat short complex passwords every time. Describe your current policy and get an honest grade — plus what to actually change.
Include anything you know: minimum length, complexity rules, how often they expire, whether you use a password manager, MFA status, shared accounts — whatever you've got.
Do not paste actual passwords. Just describe the policy rules.