How You Enforce Password Requirements
After assessing your specific security situation, you may want to consider enforcing password requirements.
- Lock staff accounts after three to five invalid login attempts. (The B2C Service default is five.)
- Set password length to a minimum of 10 characters.
- Require special characters and numbers.
- Require both uppercase and lowercase characters.
- Avoid using words or phrases that can be identified with a person, such as their name, address, telephone number, job title, type of car, and so on.
- Encourage users to choose passwords that are easy to remember and to type. For example, common
words, song lyrics, poems and so on, with slightly misspelled words, go a long way toward
security.
- 2BeOrNot2Bee?
- MaryhadaL1ttlelam
- JollyBARN+be4Cow
- Stress the importance of keeping passwords secure by memorizing them and keeping them secret.