Passwords
After usernames, passwords become the front-line defense against intruders. You can be as careful about assigning and maintaining usernames, but one weak password can allow anyone to open the door to the network. Password policies fall into two categories: what constitutes a valid password and the storage of those passwords.
Policies Defining Valid Passwords
Good policies for passwords specify that the passwords are difficult to guess. Although the concept of difficult to guess seems abstract, the generally accepted formula is that the password should be a mixture of letters, numbers, or special characters and not a word one would find in the dictionary. Another way to prevent guessable passwords is to maintain “social engineering ...
Get Writing Information Security Policies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.