InfoWARE Password Policy Enforcement
InfoWARE provides a powerful yet flexible password policy that administrators can configure to meet their security policy requirements. The table below describes the requirements of each policy level.
| Password Policy | Default | Weak | Medium | Strong | Very Strong |
|---|---|---|---|---|---|
| Minimum Password Length | 6 | 6 | 6 | 8 | 12 |
| Requires Digits | No | No | Yes | Yes | Yes |
| Require Mixed Case | No | No | Yes | Yes | Yes |
| Disallow UserName Sequence in Password | No | No | No | No | Yes |
| Requires Special Characters | No | No | No | Yes | Yes |
| Maximum Character Sequence Count | All | 4 | 4 | 3 | 3 |
| Password Expiry (Days) | 30 | 30 | 30 | 30 | 30 |
| Lockout Duration (Minutes) | 0 | 0 | 5 | 30 | 60 |
| Lockout Threshold (number of tries) | 3 | 3 | 3 | 3 | 3 |

In addition, our security system does the following:
- Maintains an internal dictionary of commonly used password phrases and disallows any password found to use them. We continuously update this internal list as research dictates. We use IEEE as well as other scientific publications to keep abreast of this continuously changing field.
- InfoWARE security uses a special algorithm to check passwords for well-known sequences, based on research data from the security industry. Some of the sequences we detect include:
  - Alphabetic sequence: for example “1234”, “defghijk”, etc.
  - QWERTY US keyboard sequence: for example “xcvbn”, “yuiop[]\”, etc.
  - QWERTY UK keyboard sequence: for example “!"#$%^&”, etc.
  - AZERTY keyboard sequence: for example “zertyui”, “qsdfg”, etc.

  Please note: the sequences are not limited to the length of the examples above. InfoWARE detects sequences irrespective of length. Also, a failure is triggered only if at least 3 characters are found in sequence. This is done to avoid disallowing longer passwords which may have accidental sequences.
- InfoWARE detects Elite-encoded passwords (which use the 1337/Leet substitution approach) and applies a reverse substitution before applying policy checks.
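
The table rules, sequence detection and leet reversal described above can be sketched as follows. This is an added example, not InfoWARE's algorithm: the keyboard rows, the leet map, the choice to test both the raw and the reversed password, and the reading of "Maximum Character Sequence Count" as "a run of that many characters or more fails" are all assumptions.

```python
# Added illustration of the policy checks; not InfoWARE code.
import re

# Values copied from the policy table above; None stands for "All" (no limit).
# Tuple: (min_len, digits, mixed_case, no_username, special, max_sequence)
POLICY = {
    "Default":     (6,  False, False, False, False, None),
    "Weak":        (6,  False, False, False, False, 4),
    "Medium":      (6,  True,  True,  False, False, 4),
    "Strong":      (8,  True,  True,  False, True,  3),
    "Very Strong": (12, True,  True,  True,  True,  3),
}
# Assumed layout rows and leet map, constructed for this example.
ROWS = ["abcdefghijklmnopqrstuvwxyz", "0123456789", "qwertyuiop[]\\",
        "asdfghjkl;'", "zxcvbnm,./", "azertyuiop", "qsdfghjklm", "wxcvbn"]
LEET = str.maketrans("4@310!5$7", "aaeioisst")

def longest_run(text):
    """Longest stretch of `text` that walks forward along any row in ROWS."""
    text, best = text.lower(), 0
    for row in ROWS:
        run = 0
        for prev, cur in zip(" " + text, text):
            i = row.find(prev)
            run = (run + 1 if run else 2) if i >= 0 and row[i + 1:i + 2] == cur else 0
            best = max(best, run)
    return best

def violations(password, username, level):
    """Return the list of table rules that `password` breaks at `level`."""
    min_len, digits, mixed, no_user, special, max_seq = POLICY[level]
    plain = password.translate(LEET)          # reverse the leet substitution
    failed = []
    if len(password) < min_len:
        failed.append("length")
    if digits and not re.search(r"\d", password):
        failed.append("digits")
    if mixed and not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        failed.append("mixed case")
    if special and not re.search(r"[^A-Za-z0-9]", password):
        failed.append("special")
    if no_user and username and username.lower() in plain.lower():
        failed.append("username")
    # Assumption: a run of max_seq or more characters is a failure.
    if max_seq and max(longest_run(password), longest_run(plain)) >= max_seq:
        failed.append("sequence")
    return failed
```

Testing the raw password as well as the reversed one matters because a digit run such as "1234" stops being a sequence once the leet map rewrites its digits as letters.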