One of the best ways to keep corporate identities safe is to practice proper password management. From an IT perspective, this entails determining the types of passwords that are acceptable and where they are housed on the company's systems.
Rotation
IT admins can also specify whether the most recent password can be re-used, the password rotation duration, and the number of failed attempts allowed. Employees should be changing their password every 30 to 90 days (depending upon the criticality of the IT resource), and they should not be allowed to repeat their last five passwords. Rotation has a secondary benefit: It makes it much harder for employees to use the same password across many IT resources, which is a critical issue to solve.