• First Reference
  • About us
  • Contact us
  • Blog Signup 📨

First Reference Talks

Discussions on Human Resources, Employment Law, Payroll and Internal Controls

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies

password policy

By Apolone Gentles, JD, CPA,CGA, FCCA, Bsc (Hons) | 4 Minutes Read June 3, 2020

Maintain effective password policies

IT departments should implement and maintain effective password policies containing robust user identification and password practices. Millions of users worldwide continue to use 123456 and other easily guessed passwords (see here for 100,000 passwords to avoid). In a 2019 Ponemon study, 69% of respondents shared passwords with work colleagues, and 51% reused an average of five passwords across their business or personal accounts—contrary to best practices.

Article by Apolone Gentles, JD, CPA,CGA, FCCA, Bsc (Hons) / Finance and Accounting, Information Technology, Privacy / account lockout, account throttling, Digital Identity Guidelines, least privilege, National Institute of Standards and Technology (NIST), password dictionary, password hygeine, password overload, password policy, Publication 800-63, re-authentication, single sign-on, unique identifiers

By Occasional Contributors | 2 Minutes Read August 29, 2017

NIST’s recommended password policy evolves

As imperfect a means of authentication as they are, “memorized secrets” like passwords, pass phrases and PINs are common, and indeed are the primary means of authentication for most computer systems. In June, the National Institute of Standards and Technology issued a new publication on digital identity management that, in part, recommends changes to password policy that has become standard in many organizations—policy requiring passwords with special characters.

Article by Occasional Contributors / Information Technology, Privacy / authentication, digital identity management, Internal Controls, IT security, National Institute of Standards and Technology, NIst, password policy, passwords, security

Footer

About us

Established in 1995, First Reference is the leading publisher of up to date, practical and authoritative HR compliance and policy databases that are essential to ensure organizations meet their due diligence and duty of care requirements.

First Reference Talks

  • Home
  • About
  • Archives
  • Resources
  • Buy Policies

Main Menu

  • About First Reference
  • Resources
  • Contact us
  • 1 800 750 8175

Stay Connected

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

We welcome your comments on our blog articles. However, we do not respond to specific legal questions in this space.
We do not provide any form of legal advice or legal opinion. Please consult a lawyer in your jurisdiction or try one of our products.


Copyright © 2009 - 2023 · First Reference Inc. · All Rights Reserved
Legal and Copyright Notices · Publisher's Disclaimer · Privacy Policy · Accessibility Policy