Password policy

Password policy it’s a strict rules to password content. Rules you can find below:

- password must be at least eight characters long
- password should not be easily guessed (the password should not include a repeating sequence of any characters (for example, “111111”, “aaaaaa”, “12345”, “qwerty”, “ytsuken”, etc.)
- password should not include easily selectable combinations of symbols (first names, surnames, names, nicknames of pets, dates of birth, etc.) and generally accepted abbreviations (computer, LAN, USER, etc.)
- password must contain characters from the following four categories
- uppercase letters of the English alphabet from A to Z;
- lowercase letters of the English alphabet from a to z;
- decimal digits (0 to 9);
- non-alphabetic characters (e.g.!, $, #,%)
- password can’t be reused for 12 month (default configurable value)
- 5 last passwords can’t be reused (default configurable value)

Password policy also include obligatory blocking of users if password isn’t updated 90 days (default configurable value).