Unit 7 - Password Policies and Procedures - Babeli
1. USED WITH PERMISSION FROM THE OWNER OF INFINITE VAPOR
Lianna Babeli | Operating Systems I | February 23, 2014
Strong Passwords
POLICIES & PROCEDURES
2. LIANNA BABELI 1
1
Password Policies
For
Infinite Vapor
All employees, including executive staff, should use strong passwords that help
defend against malicious and unauthorized intrusion on all company systems,
including all websites, end user accounts, and systems which require a password
for login that is designed for the business.
All employees, including executive staff, should remember to utilize a password
that does not include any personal information, easily researchable information
concerning one’s social life, and should be as random as possible. This
significantly reduces the chances of a malicious or unauthorized user from
attempting to gain access to any company digital system resources.
The more complex the password involved, within the allowed parameters of the
systems, the less likely it is that an intruder will gain access.
A strong password should include eight characters or longer, with at least one of
the following: uppercase and lowercase letters, numerals (numbers), punctuation
marks, and symbols. The password should be something simple enough to
remember, but complex enough that cannot be easily randomized or easily
researched.
All employees, including executive staff, may not share their passwords with
others without authorization from the individuals and a manager. Do not store
3. LIANNA BABELI 2
2
passwords on the devices that the passwords protect. Keep a digital and
physical, written, copy of your passwords in multiple safe and trusted locations.
For example, keep a notepad with all your passwords on your person or in a
secure location such as a safe or business locker. Utilize your cellphone’s file
encryption to protect certain apps which may contain passwords OR use a very
well-secured password organizing app.
If you store your company passwords at home on your home system, make sure
that these are as encrypted and secure as the ones you might utilize while at
work.
Do NOT share passwords with anyone who is NOT an employee of the
company. No exceptions to this rule!
Examples that meet the criteria for strong passwords are:
NaS043$3!@
J3r3m?132
<4p1Ng!$350
These are complex, very random passwords that will be relatively easy to
remember while having at least 8 characters, including upper and lowercase
alphabetical characters, at least one numerical, at least one punctuation mark,
and at least one symbol. They have no relation to an individual or to anything
personal or company related.
Examples that do not meet the criteria for strong passwords are:
4. LIANNA BABELI 3
3
jenniferb
mydogbennie
mywife1982
These are passwords that are very simple and could be easily discovered or
randomly generated by a hacker without even trying. The only thing these have
going for them is that they are more than 8 characters and that the last one uses
several numericals. Using employee names, family members, or anniversary
dates are a very bad idea.
Any questions or concerns about password design and protection should contact
the IT Manager of your store or the Director of IT within the company as a whole.
If you cannot find this individual, ask your Managers for the appropriate contact
or make sure that they can provide a copy of this policy and procedures
handbook.
Thank you for choosing to work at Infinite Vapor and have fun at work!