💼 4.2.3 Support users to choose unique passwords for their work accounts

• Contextual name: 💼 4.2.3 Support users to choose unique passwords for their work accounts
• ID: /frameworks/uk-cyber-essentials-v3.1/04/02/03
• Located in: 💼 4.2 Authenticate users with unique credentials before granting access to applications or devices

Description

Support users to choose unique passwords for their work accounts by:

• educating people about avoiding common passwords, such as a pet's name, common keyboard patterns or passwords they have used elsewhere. This could include teaching people to use the password generator feature built into some password managers.
• encouraging people to choose longer passwords by promoting the use of multiple words (a minimum of three) to create a password (such as the NCSC’s guidance on using three random words)
• providing usable secure storage for passwords (for example a password manager or secure locked cabinet) with clear information about how and when it can be used.
• not enforcing regular password expiry
• not enforcing password complexity requirements

Similar

• Internal
  • ID: dec-c-63c52385

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-f7c2faac	1