We recommend that you set the PWHIST control option to at least 4 to prevent password reuse.
Business Value:
This best practice adds an additional layer of password protection by forcing users to use new passwords. Many security policies, auditors, industry standards, and compliance laws and regulations require a password history to protect against password reuse. For example, Payment Card Industry-Data Security Standard (PCI-DSS) v1.2 requires that a user's new password cannot be the same as one of the last 4 passwords.
Additional Considerations:
CA Top Secret offers expanded password history support, which lets you prevent users from using the same password for up to 64 password iterations.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|