Password Policy
GuardSuite™ includes a password policy as a guide for choosing and using passwords prudently. This policy is always available for view and pops up as a reminder when a user sets a new password. Your password is the front line of protection for your user account. A poorly chosen password may result in the compromise of your identity and/or corporate security measures. As such, all security personnel are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords.
- Don't reveal your password to ANYONE.
- Change passwords at least once every six months. The current recommended change interval for high security is every four months.
- If you suspect that your account or password has been compromised, report the incident to your supervisor and immediately change your password.
- Passwords should never be written down or stored online. Try to create passwords that can be easily remembered. One way to do this is create a password based on a song title, affirmation, or other phrase. For example, the phrase might be "This May Be One Way To Remember" and the password could be "TmB1w2R" or some other variation.
Weak passwords have the following characteristics:
- Contains less than eight characters
- A word found in a dictionary
- The password is based on personal information, such as:
- Names of family, pets, friends, co-workers, fantasy characters, etc.
- Birthdays and other personal information such as addresses and phone numbers
- Word or number patterns like aaabbb, 123321, etc.
- Any of the above spelled backwards
- Any of the above preceded or followed by a digit (e.g. secret1, 1Name)
Strong passwords have the following characteristics:
- Contain both lower and upper case characters
- Are at least eight alphanumeric characters long
- Are not a word in any language
- Are not based on personal information
