Password Policy
Confidential IFFCO Policy Page 1 of 4 18-Sep-07
Approvals:
Name: Group Director - Information Technology Date: September 17, 2007
Revision History:
Revision number | Revision date | Sections Revised | Reason for revision | Reviser’s Name
1.0 INTRODUCTION
1.1 Overview
Passwords are an important aspect of computer security. They are the front line of protection
for user accounts. No user may reveal or share a password with anyone. All IFFCO employees
(including contractors and vendors with access to IFFCO systems) are responsible for taking
the appropriate steps, as outlined below, to select and secure their passwords.
1.2 Purpose
The purpose of this policy is to establish a standard for creation of strong passwords, the
protection of those passwords, and the frequency of change.
1.3 Scope
The scope of this policy includes all personnel who have or are responsible for an account (or
any form of access that supports or requires a password) on any system that resides at any
IFFCO facility, has access to the IFFCO network, or stores any non-public IFFCO information.
2.0 POLICY
2.1 General
- All user-level passwords (e.g. e-mail, applications, desktops) must be changed at least once every 90 days
- Passwords must be a minimum of eight characters
- Passwords must be alphanumeric
- Repetition of the last five passwords is not allowed
- Passwords must not be inserted into email messages or other forms of electronic communication
- Never write down passwords or store them on-line
- Do not share IFFCO passwords with anyone, including administrative assistants or secretaries
- Please treat all passwords as sensitive, confidential IFFCO information
- Do not use the "Remember Password" feature of applications
- If an account or password is suspected to have been compromised, report the incident to the Security Administrator and change all passwords
2.2 Guidelines
A. Strong passwords have the following characteristics:
- Contain both upper and lower case characters (e.g., a-z, A-Z)
- Have digits and punctuation characters as well as letters (e.g., 0-9, ! @ # $ % ^ & * ( ) _+|~- =\` {}[]:";'<>?,./)
A strong password should never be the following:
- A word in any language, slang, dialect, jargon, or a word found in a dictionary (English or foreign)
- Personal information, names of family members, pets, friends, co-workers, birthdays or birth years
- Computer terms and names, commands, sites, companies, hardware, software
- Word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc.
- Any of the above spelled backwards or preceded or followed by a digit
B. Password Protection Standards
⌧ Don't reveal a password over the phone to ANYONE
⌧ Do not use the same password for IFFCO accounts as for other non-IFFCO access
(e.g., personal ISP account, option trading, benefits, etc.)
⌧ Don't reveal a password in an email message
⌧ Don't talk about a password in front of others
⌧ Don't reveal a password on questionnaires or security forms
⌧ Don't reveal a password to co-workers while on vacation
3.0 ENFORCEMENT
Note: Non-disclosure of passwords is mandatory for everyone.
Any violation of this Policy may, at the sole discretion of IFFCO, result in the following for the
Users concerned:
1. The User ID for that particular application being blocked from further usage
2. Access rights to IFFCO Computer Resources being suspended or lost permanently