0
|
1 |
{assign var="title" value="Password strength requirements"}
|
|
2 |
{include file="header.tpl"}
|
|
3 |
|
|
4 |
<h1>Password security policy</h1>
|
|
5 |
|
|
6 |
<p>Passwords are often considered <a href="http://www.zdnet.com/blog/service-oriented/passwords-are-the-weakest-link-in-enterprise-it-security-study/8682">one
|
|
7 |
of the weakest links</a> in information security. For the safety of the entire organization, this appliance employs password security policies designed to
|
|
8 |
minimize the risk of a successful attack against any account on the system.</p>
|
|
9 |
|
|
10 |
<p>These requirements are summarized as follows:</p>
|
|
11 |
|
|
12 |
<ul>
|
|
13 |
<li>Passwords must be a minimum of 8 characters in length.</li>
|
|
14 |
<li>
|
|
15 |
For passwords which are 16 characters in length or less:
|
|
16 |
<ul>
|
|
17 |
<li>The password contain at least one letter (A-Z, a-z)</li>
|
|
18 |
<li>The password contain at least digit (0-9)</li>
|
|
19 |
<li>The password contain at least symbol</li>
|
|
20 |
</ul>
|
|
21 |
</li>
|
|
22 |
<li>
|
|
23 |
For passwords which are 17 characters in length or greater:
|
|
24 |
<ul>
|
|
25 |
<li>Any combination of letters, numbers, and/or symbols is permitted.</li>
|
|
26 |
</ul>
|
|
27 |
</li>
|
|
28 |
</ul>
|
|
29 |
|
|
30 |
<p>We recognize that generating secure passwords which meet stringent security requirements can be a difficult exercise. Thus, we allow longer passwords to not contain
|
|
31 |
symbols, enabling the use of passwords which follow the
|
|
32 |
<a href="http://xkcd.com/936">XKCD 936</a> pattern. A tool to generate "XKCD 936 compliant" passwords can be found
|
|
33 |
<a href="https://correcthorsebatterystaple.heroku.com/">here</a>.</p>
|
|
34 |
|
|
35 |
{include file="footer.tpl"}
|