At a recent meeting of the Standards Review and Interpretation Committee (SRIC) the committee directed staff to post for client comments the following proposed standard revision.  Please post your comments prior to Friday September 3rd, 2021.

 

6.8.7(M M M) Records or Informational System Password Access

The agency has a written directive regarding the computer, record or information systems, either internal or external, that require password access and addresses:

    1. password construction;
    2. password changes at a minimum of every 90 days; and
    3. password access termination when employment status or position changes.

Commentary

A good practice is to have passwords of at least eight characters including at least one upper case, one lower case, one alpha, and one numeric. (M M M)

Log in or register to post comments | Category: SRIC

Comments

Add new comment

Texto sin formato

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.