Creation of passwords | V4.6.5, Domain Manager | V4.6.5, Users |
---|---|---|
a) Enforce passwords to be made up of at least 12 characters and contain characters from at least two of the following four categories: | Fulfil | Fulfil |
i) Upper case characters (A through Z); | Fulfil | Fulfil |
ii) Lower case characters (a through z); | Fulfil | Fulfil |
iii) Digits (0-9); | Fulfil | Fulfil |
iv) Special Characters (!, $, #, %, etc.); | Fulfil | Fulfil |
b) Prohibit passwords from being the same as the system account ID or user ID; and (assuming that both passwords and usernames, userid are not same) | Fulfil | Fulfil |
c) Prohibit accepting passwords that are commonly used, guessable or compromised; | Fulfil | Fulfil |
Change of passwords | V4.6.5, Domain Manager | V4.6.5, Users | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
d) Enforce password change upon first login; | Fulfil | Don’t Fulfil | |||||||||||||
e) Enforce password change once every 12 months; | Fulfil | Fulfil | |||||||||||||
f) Prohibit password reuse for a minimum of three generations; | Fulfil | Fulfil |
Secure usage of passwords | V4.6.5, Domain Manager | V4.6.5, Users |
---|---|---|
g) Protect stored passwords from offline attacks | Fulfil | Fulfil |
h) Transmit passwords over an encrypted channel, such as Transport Layer Security (TLS) or Secure Shell (SSH) | Fulfil | Fulfil |
i) Ensure passwords are not displayed in clear; and | Fulfil | Fulfil |
j) Lock the system account upon 10 consecutive failed authentication attempts. | Fulfil | Fulfil |