1 {assign var="title" value="Password strength requirements"}

     2 {include file="header.tpl"}

     3 

     4 <h1>Password security policy</h1>

     5 

     6 <p>Passwords are often considered <a href="http://www.zdnet.com/blog/service-oriented/passwords-are-the-weakest-link-in-enterprise-it-security-study/8682">one

     7 	of the weakest links</a> in information security. For the safety of the entire organization, this appliance employs password security policies designed to

     8 	minimize the risk of a successful attack against any account on the system.</p>

     9 

    10 <p>These requirements are summarized as follows:</p>

    11 

    12 <ul>

    13 	<li>Passwords must be a minimum of 8 characters in length.</li>

    14 	<li>

    15 		For passwords which are 16 characters in length or less:

    16 		<ul>

    17 			<li>The password contain at least one letter (A-Z, a-z)</li>

    18 			<li>The password contain at least digit (0-9)</li>

    19 			<li>The password contain at least symbol</li>

    20 		</ul>

    21 	</li>

    22 	<li>

    23 		For passwords which are 17 characters in length or greater:

    24 		<ul>

    25 			<li>Any combination of letters, numbers, and/or symbols is permitted.</li>

    26 		</ul>

    27 	</li>

    28 </ul>

    29 

    30 <p>We recognize that generating secure passwords which meet stringent security requirements can be a difficult exercise. Thus, we allow longer passwords to not contain

    31 	symbols, enabling the use of passwords which follow the

    32 	<a href="http://xkcd.com/936">XKCD 936</a> pattern. A tool to generate "XKCD 936 compliant" passwords can be found 

    33 	<a href="https://correcthorsebatterystaple.heroku.com/">here</a>.</p>

    34 

    35 {include file="footer.tpl"}