...
Framework Data Flow Model
Password Policy
- Minimum password length must be 8(eight) characters.
- Cannot be the same (meaning exactly the same) or similar (defined as 80%) to your user name
- Must contain all of the following four:
- Upper case letters e.g. A,B,C
- Lower case letters e.g. a,b,c
- Numbers e.g. 1,2,3
- Symbols e.g. @,#,+ !)
- Should be changed at least every three months
- Ensure that passwords are not displayed on screen
- Issue temporary passwords that must be changed on first use
- Users must set their own password
- Reuse of passwords must be restricted. Reuse of the last eight passwords used is not allowed
- Lockout account after 5 times within 30 minutes
- Lockout duration 30 minutes
...