You are here

Authentication & Password

Submitted by Administrator on 10 November 2015 - 1:51pm

\sumPassword Policy

  • Minimum 8 alphanumeric with at least 1 letter of the alphabet and 1 digit.
  • Normal Users will be required to chang their password every 90 days. Admin and Root users will be required to change their password every 30 days.
  • Must not allowed password to be reused for at least 3 generations of password.
  • Must not displayed in clear.
  • Must be encrypted during transmission and in storage.
  • Allowed a maximum of 6 attempts.
  • Protected against dictionary or brute-force attack.
  • Initial password will be randomly generated and disseminated to the users in a secure manner.
  • Users will be required to change their password when they first login.
  • User allowed to change their password again only at least 1 day after their last change.
  • All authentication attempts will be logged.