Creating and deploying a new password policy across an entire organization can be a daunting exercise. Once you start, there’s a surprising amount to think about. So, it is worth the effort? If there are security holes or weaknesses within your current password policy, the answer is almost certainly yes. Simply put, it’s too risky to have a weak or ineffective password policy.