This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
wiki:policies:password [2023/10/06 21:41] katcow |
wiki:policies:password [2024/01/31 18:42] (current) katcow |
||
---|---|---|---|
Line 15: | Line 15: | ||
===== Policy ===== | ===== Policy ===== | ||
- | ==== Internal Company Passwords | + | ==== Internal Company Passwords ==== |
- | * | + | **Application Passwords** - All programs, including applications developed internally by Nested Knowledge must be password protected. |
- | + | ||
- | **Application Passwords** | + | |
- | * | + | |
**Changing Passwords **- All passwords must be promptly changed if they are suspected of being disclosed, or known to have been disclosed to unauthorized parties. | **Changing Passwords **- All passwords must be promptly changed if they are suspected of being disclosed, or known to have been disclosed to unauthorized parties. | ||
- | * | ||
- | **Sharing Passwords** | + | **Sharing Passwords** - Passwords must be kept confidential and may not be shared among users. Users are prohibited from recording passwords in an unencrypted medium, like a notetaking application, |
- | * | + | |
- | **Password Storage -** Passwords will not be stored in readable form without access control or in other locations where unauthorized persons might discover them. All such passwords are to be strictly controlled using either physical security or computer security controls | + | **Password Storage -** Passwords will not be stored in readable form without access control or in other locations where unauthorized persons might discover them. All such passwords are to be strictly controlled using either physical security or computer security controls |
- | === Password Complexity === | + | ==== Password Complexity |
Passwords must: | Passwords must: | ||
Line 41: | Line 36: | ||
* must not match your user name or email | * must not match your user name or email | ||
- | ** <font 20px/ | + | ===== |
- | **Application Passwords** - All programs, including third party purchased software and applications developed internally by Nested Knowledge must be password protected. | + | **Application Passwords** |
=== User Authentication === | === User Authentication === | ||
All systems will require a valid user ID and password. All unnecessary operating system or application user IDs not assigned to an individual user will be deleted or disabled. The use of a four digit pin or secret questions is not acceptable as an authentication method. | All systems will require a valid user ID and password. All unnecessary operating system or application user IDs not assigned to an individual user will be deleted or disabled. The use of a four digit pin or secret questions is not acceptable as an authentication method. | ||
+ | |||
+ | As described in our [[: | ||
=== Choosing Passwords === | === Choosing Passwords === |