You are here
Authentication & Password
- Minimum 8 alphanumeric with at least 1 letter of the alphabet and 1 digit.
- Normal Users will be required to chang their password every 90 days. Admin and Root users will be required to change their password every 30 days.
- Must not allowed password to be reused for at least 3 generations of password.
- Must not displayed in clear.
- Must be encrypted during transmission and in storage.
- Allowed a maximum of 6 attempts.
- Protected against dictionary or brute-force attack.
- Initial password will be randomly generated and disseminated to the users in a secure manner.
- Users will be required to change their password when they first login.
- User allowed to change their password again only at least 1 day after their last change.
- All authentication attempts will be logged.