User Password Policy
Overview
This policy is intended to establish guidelines for effectively creating, maintaining, and protecting passwords at Cremorne Synagogue.
Scope
This policy shall apply to all employees, contractors, volunteers and affiliates of Cremorne Synagogue, and shall govern acceptable password use on all systems that connect to Cremorne Synagogue network or access or store Cremorne Synagogue data.
Policy
Password Creation
- All user and admin passwords must be at least [8] characters in length. Longer passwords and passphrases are strongly encouraged.
- Where possible, password dictionaries should be utilized to prevent the use of common and easily cracked passwords.
- Passwords must be completely unique, and not used for any other system, application, or personal account.
- Default installation passwords must be changed immediately after installation is complete.
Password Aging
- User passwords must be changed every [3] months. Previously used passwords may not be reused.
- System-level passwords must be changed on a quarterly basis.
Password Protection
- Passwords must not be shared with anyone (including volunteers, coworkers and supervisors), and must not be revealed or sent electronically.
- Passwords shall not be written down or physically stored anywhere in the office.
- When configuring password “hints,” do not hint at the format of your password (e.g., “zip + middle name”)
- User IDs and passwords must not be stored in an unencrypted format.
- User IDs and passwords must not be scripted to enable automatic login.
- “Remember Password” feature on websites and applications should not be used.
- All mobile devices that connect to the company network must be secured with a password and/or biometric authentication and must be configured to lock after 3 minutes of inactivity.
Enforcement
It is the responsibility of the end user to ensure enforcement with the policies above.
If you believe your password may have been compromised, please immediately report the incident to Honorary Secretary at Cremorne Synagogue and change the password.