Password Policy & Guidelines
Passwords are a critical piece of information and network security. Passwords serve to protect user accounts, but a poorly chosen password, if compromised, could put the entire network at risk. As a result, all employees of Bridgeway are required to take appropriate steps to ensure that they create strong, secure passwords, and keep them always safeguarded.
*** Do not give your passwords to anyone they are private **
Here are some general points to keep in mind while creating a new password:
- Passwords must be changed every 60 days.
- Users will be notified 14 days in advance of password expiration date. At this time, users will be prompted to select a new password.
- All passwords must conform to the guidelines outlined below.
Below list additional guidelines that are to be followed when constructing a password:
- Passwords should not be based on well-known or easily accessible personal information.
- Passwords must contain at least 10 characters.
- All passwords must start with a letter.
- Passwords must be unique for 24 password changes.
- Passwords must not be based on a users’ personal information or that of his or her friends, family members, or pets. Personal information includes logon I.D., name, birthday, address, phone number, social security number, or any permutations thereof.
- Passwords must not be words that can be found in a standard dictionary (English or foreign) or are publicly known slang or jargon.