-
Notifications
You must be signed in to change notification settings - Fork 0
Password policy
Martin Remmelgas edited this page Jun 9, 2026
·
1 revision
Date approved: 9 Jun 2026
Approved by: Martin Remmelgas
- Minimum Length = 12 characters
- Special Characters = No
- Password Reuse = No
- Password expiration = No
- Multi-factor authentication (MFA) = Yes, whenever possible
To make a secure password you can remember, consider using a combination of 5 or more random words. Security questions like “What is your favorite color? What is your mother’s maiden name?”, etc should be answered with a random non-obvious word or set of words. You can generate answers in 1Password and store them as a note. This helps ensure the answer isn’t easily guessable and will be unique across different sites.
- Passwords are to be kept private and secured.
- Passwords must be stored in 1Password or another approved password manager application and may be pasted from this using a master password function.
- Individual account passwords are not to be shared.
- Passwords are not to be stored in clear text or be written down.
- Password “hints” are not to be used. If a password is forgotten, a mechanism must be in place to replace a password/passphrase with sufficient controls to verify the identity of the requester of the password reset.
- If an account or password is suspected to have been compromised, immediately report the incident to your Team Lead and promptly follow instructions.