Topic starter
A password is a secret string of characters used to verify an identity and grant access to systems, applications, or data via any account. Without a strong password policy, security gaps open up, making systems vulnerable to attacks, data loss, and compliance violations.
The recommended best practices for a password policy:
- Define Minimum Password Length
  - Longer passwords are harder to crack.
  - At least 12–16 characters
  - For higher security environments, requiring 16+ characters is recommended
- Password Complexity
  - Password complexity refers to rules that require passwords to contain a mix of different character types, making them harder to guess or crack.
  - A complex password typically includes at least three or all four of the following character types:
    - Uppercase letters
    - Lowercase letters
    - Numbers
    - Special characters
- Prevent Password Reuse
  - To prevent password reuse as part of a password policy, you can implement the following security measure, commonly referred to as a "Password History Policy". This policy ensures users cannot reuse their previous passwords for a defined number of password changes.
  - Disallow reuse of at least the last 5–10 passwords.
  - Helps avoid repeating weak or previously compromised passwords.
Posted : 15/09/2025 2:06 pm
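
A checker for the three rules in the post above (minimum length, three of four character types, password history), as an added example that is not part of the original post. The function names, the use of salted PBKDF2 hashes to store the history, the round count, and the choice of the lower bounds (12 characters, last 5 passwords) are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 12      # lower bound of the post's 12-16 character range
MIN_CLASSES = 3      # "at least three or all four" character types
HISTORY_DEPTH = 5    # lower bound of the post's 5-10 previous passwords
ROUNDS = 100_000     # assumption: example work factor, tune for real hardware

def hash_password(password, salt=None):
    """Return (salt, digest); the history never holds plaintext passwords."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)

def character_classes(password):
    """Count how many of the four character types are present."""
    return sum((
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),  # ASCII specials only
    ))

def in_history(password, history):
    """Re-derive the candidate under each stored salt, compare in constant time."""
    return any(
        hmac.compare_digest(hash_password(password, salt)[1], digest)
        for salt, digest in history[-HISTORY_DEPTH:]
    )

def check_policy(password, history):
    """Return the list of violated rules; an empty list means accepted."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append("length")
    if character_classes(password) < MIN_CLASSES:
        violations.append("complexity")
    if in_history(password, history):
        violations.append("reuse")
    return violations

def change_password(password, history):
    """Record the new password's hash only if it passes every rule."""
    violations = check_policy(password, history)
    if not violations:
        history.append(hash_password(password))
        del history[:-HISTORY_DEPTH]  # keep only the newest HISTORY_DEPTH entries
    return violations
```

Because each history entry has its own salt, the reuse check has to re-hash the candidate once per stored entry, so the cost of a password change grows with the history depth.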