FALCOM QMP (Verfahrensanweisung) Passwort Policy

status of this document

STATUS: DRAFT

scope

The purpose of this internal directive / qmp is to define the process of handle company related password(s)

Objectives of the directive :

• everybody understand the use of email as a internal and external communication process
• everybody understand the need of secure communication
• everybody understand how its expected to handle emails
• define the process of setup new employees
• define the process of release employees
• creation and handle of employees (Open)PGP keys
• define escrow key handling

Format

FALCOM strongly recommend to use Email in text format - not HTML or any other. Please reply your answers for better/faster reading on top of the received email or comment inline the other email with quoting the older email.

password requirements (BSI)

• max. age: 90 days

• min. age: 1 day

• min length: 8 characters

• password must meet complexity requirements: ** Contain characters from three of the following four categories:

  *** uppercase characters (A through Z) *** lowercase characters (a through z) *** base 10 digits (0 through 9) *** non-alphabetic characters (for example, !, $, #, %)

• enforce password history (min. 6)