packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/templates/pw-strength.tpl
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/templates/pw-strength.tpl Tue Jan 08 23:13:29 2013 -0500
@@ -0,0 +1,35 @@
+{assign var="title" value="Password strength requirements"}
+{include file="header.tpl"}
+
+<h1>Password security policy</h1>
+
+<p>Passwords are often considered <a href="http://www.zdnet.com/blog/service-oriented/passwords-are-the-weakest-link-in-enterprise-it-security-study/8682">one
+ of the weakest links</a> in information security. For the safety of the entire organization, this appliance employs password security policies designed to
+ minimize the risk of a successful attack against any account on the system.</p>
+
+<p>These requirements are summarized as follows:</p>
+
+<ul>
+ <li>Passwords must be a minimum of 8 characters in length.</li>
+ <li>
+ For passwords which are 16 characters in length or less:
+ <ul>
+ <li>The password contain at least one letter (A-Z, a-z)</li>
+ <li>The password contain at least digit (0-9)</li>
+ <li>The password contain at least symbol</li>
+ </ul>
+ </li>
+ <li>
+ For passwords which are 17 characters in length or greater:
+ <ul>
+ <li>Any combination of letters, numbers, and/or symbols is permitted.</li>
+ </ul>
+ </li>
+</ul>
+
+<p>We recognize that generating secure passwords which meet stringent security requirements can be a difficult exercise. Thus, we allow longer passwords to not contain
+ symbols, enabling the use of passwords which follow the
+ <a href="http://xkcd.com/936">XKCD 936</a> pattern. A tool to generate "XKCD 936 compliant" passwords can be found
+ <a href="https://correcthorsebatterystaple.heroku.com/">here</a>.</p>
+
+{include file="footer.tpl"}