packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/templates/pw-strength.tpl
equal
deleted
inserted
replaced
|
1 {assign var="title" value="Password strength requirements"} |
|
2 {include file="header.tpl"} |
|
3 |
|
4 <h1>Password security policy</h1> |
|
5 |
|
6 <p>Passwords are often considered <a href="http://www.zdnet.com/blog/service-oriented/passwords-are-the-weakest-link-in-enterprise-it-security-study/8682">one |
|
7 of the weakest links</a> in information security. For the safety of the entire organization, this appliance employs password security policies designed to |
|
8 minimize the risk of a successful attack against any account on the system.</p> |
|
9 |
|
10 <p>These requirements are summarized as follows:</p> |
|
11 |
|
12 <ul> |
|
13 <li>Passwords must be a minimum of 8 characters in length.</li> |
|
14 <li> |
|
15 For passwords which are 16 characters in length or less: |
|
16 <ul> |
|
17 <li>The password contain at least one letter (A-Z, a-z)</li> |
|
18 <li>The password contain at least digit (0-9)</li> |
|
19 <li>The password contain at least symbol</li> |
|
20 </ul> |
|
21 </li> |
|
22 <li> |
|
23 For passwords which are 17 characters in length or greater: |
|
24 <ul> |
|
25 <li>Any combination of letters, numbers, and/or symbols is permitted.</li> |
|
26 </ul> |
|
27 </li> |
|
28 </ul> |
|
29 |
|
30 <p>We recognize that generating secure passwords which meet stringent security requirements can be a difficult exercise. Thus, we allow longer passwords to not contain |
|
31 symbols, enabling the use of passwords which follow the |
|
32 <a href="http://xkcd.com/936">XKCD 936</a> pattern. A tool to generate "XKCD 936 compliant" passwords can be found |
|
33 <a href="https://correcthorsebatterystaple.heroku.com/">here</a>.</p> |
|
34 |
|
35 {include file="footer.tpl"} |