Password Policy 19.0

At Net Diatom, passwords are not to be shared, spoken aloud, or handed off from team member to team member. Passwords are changed at least every 90 days and must include lowercase and uppercase letters, numbers, and special characters. This is to be followed for all server-side and customer-facing data and information.

A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy is often part of an organization's official regulations and may be taught as part of security awareness training. Either the password policy is merely advisory, or the computer systems force users to comply with it. Some governments have national authentication frameworks[1] that define requirements for user authentication to government services, including requirements for passwords.

The United States Department of Commerce's National Institute of Standards and Technology (NIST) has put out two standards for password policies which have been widely followed.

From 2004, "NIST Special Publication 800-63, Appendix A"[2] advised people to use irregular capitalization, special characters, and at least one numeral. It also recommended changing passwords regularly, at least every 90 days. This was the advice that most systems followed, and was "baked into" a number of standards that businesses needed to follow.

2021-08-10 09:58:51