Password Policy
Purpose: To establish strong password practices that protect the organization's data and systemsensure the creation and use of strong, secure passwords to protect company data.
Scope: Applies to all All employees and contractors who with access organizational to company systems.
Password Requirements:
Length: Minimum of 12 characters in length.
Complexity: Must include uppercase and lowercase letters, numbers, and special characterssymbols.
Cannot be reused within a specified number of generations.
Password Changes:
Mandatory change Change Frequency: Passwords must be changed every 90 days.Immediate change if compromise is suspected
Unique Passwords: No reuse of the last 6 passwords.
Secure Storage : Guidelines for securely storing and sharing passwordsand Sharing: Passwords must not be written down or shared. Use a company-approved password manager.
Compliance : All users must adhere to this policy to maintain system security.
...
Monitoring: Regular audits to enforce policy adherence.
Violation Consequences: Non-compliance will result in disciplinary action.