

Passwords and User Accountability
Password research and evidence indicate:
- The longer the password:
  - The harder it is to crack.
  - The harder it is to remember.
  - The more likely it is to be written down.
- The shorter the password:
  - The easier it is to crack.
  - The easier it is to remember.
Ensure that passwords conform to the following rules:
- Personal information such as names of spouses and children, names of places, months, license numbers, and telephone numbers must not be used.
- A minimum length of at least four or five characters.
- Passwords that are generated by using vowels alternating with consonants.
- Passwords that can be pronounced.
- Possible consideration of passwords that are automatically generated for online users to eliminate password distribution problems and user‑selected passwords.
- Passwords that are forced to be changed at least once a month.
- A password history that is maintained to prevent re‑use of similar passwords (automatic with CA Top Secret).
- Passwords cannot be changed more than once per day.
- Common words are restricted.
- The password cannot match the user ID.
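The rules above expressed as a password-change check, as an added example that is not CA Top Secret code or configuration. The constants, function names, sample common-word list, and the meaning given to "similar" (same text ignoring case and trailing digits) are assumptions; the history holds salted PBKDF2 hashes rather than plaintext.

```python
import hashlib
import hmac
import os
from datetime import timedelta
from string import digits

MIN_LENGTH = 5                            # page: "at least four or five characters"
MAX_AGE = timedelta(days=30)              # assumption: "once a month" = 30 days
MIN_CHANGE_INTERVAL = timedelta(days=1)   # page: not more than once per day
COMMON_WORDS = {"password", "welcome", "secret"}  # constructed sample list

def _normalize(pw):
    # Assumed meaning of "similar": same text ignoring case and trailing digits.
    base = pw.lower().rstrip(digits)
    return base or pw.lower()             # all-digit passwords keep their digits

def history_entry(pw, salt=None):
    """Salted hash of the normalized password, so history holds no plaintext."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", _normalize(pw).encode(), salt, 100_000)

def in_history(pw, history):
    return any(hmac.compare_digest(history_entry(pw, salt)[1], digest)
               for salt, digest in history)

def must_change(last_change, now):
    """True once the password has reached the maximum age."""
    return now - last_change >= MAX_AGE

def check_change(user_id, personal_info, new_pw, history, last_change, now):
    """Return the list of violated rules; an empty list means the change is accepted."""
    low, problems = new_pw.lower(), []
    if now - last_change < MIN_CHANGE_INTERVAL:
        problems.append("changed less than one day ago")
    if len(new_pw) < MIN_LENGTH:
        problems.append("too short")
    if low == user_id.lower():
        problems.append("matches user ID")
    if low in COMMON_WORDS:
        problems.append("common word")
    if any(item.lower() in low for item in personal_info if item):
        problems.append("contains personal information")
    if in_history(new_pw, history):
        problems.append("similar to a previous password")
    return problems
```

Because the history hash is taken over the normalized form, a change from `Tiger1` to `tiger2` is caught without the system ever storing an old password in recoverable form.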
Provide password distribution for remote users through self‑sealed mailers. Establish a procedure by which the user acknowledges receiving the password. Never communicate passwords over the telephone!
Implement a system that makes users responsible for their actions. When penalties are set up for security breaches, data integrity is less likely to be compromised.
Copyright © 2010 CA Technologies.
All rights reserved.