![]() ![]() When resetting passwords, can users use a password they entered in the past? (Table Row XI.11, OECD / World Bank Technology Risk Checklist, Version 7.3).Password history of 6 (Section 5.7 IDM-11 Basic requirement ¶ 1 Bullet 4, Cloud Computing Compliance Controls Catalogue (C5)).(Section 5.7 IDM-11 Description of additional requirements (confidentiality) ¶ 1 Bullet 7, Cloud Computing Compliance Controls Catalogue (C5)) (§ 3.6.13, Australian Government ICT Security Manual (ACSI 33)) § 3.6.13 When changing passwords, the new password should not be the same as one of the last 8 passwords the user used.(Control: 0445 Bullet 6, Australian Government Information Security Manual: Controls) The organization must audit passphrases for privileged accounts on a regular basis to ensure they are not being reused or not being used for multiple accounts, particularly between privileged accounts and nonprivileged accounts.(Control: 0426 Bullet 2, Australian Government Information Security Manual: Controls) The organization must not let users use the same passphrase for 8 changes on top secret systems.(Control: 0424 Bullet 2, Australian Government Information Security Manual: Controls) The organization should not let passphrases to be reused for 8 changes on systems classified below top secret.Password controls should include a change of password upon fir… (§ 11.1.5, Monetary Authority of Singapore: Technology Risk Management Guidelines) Thus, the FI should enforce strong password controls over usersâ access to applications and systems. Passwords represent the first line of defence, and if not implemented appropriately, they can be the weakest link in the organisation. ![]() (T26.2(3), FISC Security Guidelines on Computer Systems for Banking and Related Financial Institutions, 7th Edition) The organization should not allow users to use their previous two passwords.¶ 1 (c), Guidelines for Reducing and Mitigating Hacking Risks Associated with Internet Trading) Minimum password complexity (ie, alphanumeric) and history (1.6. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |