RonBoyd
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Here are the recommendations from NIST for your organization:
Require everyone to use longer passwords or passphrases of 15 or more characters without requiring uppercase, lowercase, or special characters.
Only require password changes when there’s a reason to believe your network has been compromised.
Have your network administrators screen everyone’s passwords against lists of dictionary words and passwords known to have been compromised.
To help prevent a denial of service attack against your email service, don’t lock a user’s account after a certain number of incorrect login attempts. That way, even if an adversary floods your network with purposefully incorrect login information, your users won’t be locked out of their accounts.
Don’t allow password “hints.”
https://www.fbi.gov/contact-us/fiel...day-building-a-digital-defense-with-passwords
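As an added example (not part of the original post or the FBI page), here is one way to enforce the length and screening recommendations at password-set time. The function names, the sample lists, the NFKC/case-folding step and the "single word, repeated or digit-padded" reading of dictionary screening are assumptions made for illustration.

```python
import hashlib
import unicodedata

MIN_LENGTH = 15  # minimum length from the recommendations above

# Constructed sample lists (assumption); production lists would be far larger.
DICTIONARY_WORDS = {"password", "sunshine", "baseball"}
# Compromised passwords are kept as SHA-1 digests, not plaintext.
COMPROMISED_SHA1 = {
    hashlib.sha1(p.encode("utf-8")).hexdigest()
    for p in ("correcthorsebatterystaple", "passwordpassword1")
}


def _sha1(text):
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


def _is_padded_dictionary_word(folded):
    """True if the password is one dictionary word, optionally repeated
    and/or followed by digits (e.g. 'passwordpassword', 'sunshine1')."""
    core = folded.rstrip("0123456789")
    for word in DICTIONARY_WORDS:
        repeats, remainder = divmod(len(core), len(word))
        if core and remainder == 0 and core == word * repeats:
            return True
    return False


def screen_password(password):
    """Return a list of rejection reasons; an empty list means accepted."""
    pw = unicodedata.normalize("NFKC", password)  # assumption: normalize first
    folded = pw.casefold()
    reasons = []
    if len(pw) < MIN_LENGTH:
        reasons.append("too_short")
    if _is_padded_dictionary_word(folded):
        reasons.append("dictionary_word")
    if {_sha1(pw), _sha1(folded)} & COMPROMISED_SHA1:
        reasons.append("known_compromised")
    # Deliberately no uppercase/lowercase/special-character checks.
    return reasons
```

A lowercase multi-word passphrase such as "quiet maple river walks" passes, while a long but previously compromised passphrase is rejected despite meeting the length rule.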