Password Policy
Purpose: To establish strong password practices that protect the organization's data and systems.
Scope: Applies to all employees and contractors who access organizational systems.
Password Requirements:
Minimum of 12 characters in length.
Must include uppercase and lowercase letters, numbers, and special characters.
Cannot be reused within a specified number of generations.
Password Changes:
Mandatory change every 90 days.
Immediate change if compromise is suspected.
Secure Storage: Guidelines for securely storing and sharing passwords.
Compliance: All users must adhere to this policy to maintain system security.
This policy ensures the use of strong, secure passwords, reducing the risk of unauthorized access.