D3-SPP

Harden
Strong Password Policy

Definition

Modifying system configuration to increase password strength.

How it works

Password strength guidelines include increasing password length, permitting passwords that contain ASCII or Unicode characters, and requiring systems to screen new passwords against lists of commonly used or compromised passwords.

Considerations

Extremely complex password requirements may lead users to saving passwords in text files or picking obvious passwords that meet the policy.

Artifact Relationships

This defensive technique relates to specific digital artifacts.

hardens
strengthens
strengthens
Strong Password Policy
OT Controller
User Account
Password

References

Reference - Digital Identity Guidelines 800-63-3 Reference - Testing Metrics for Password Creation Policies by Attacking Large Sets of Revealed Passwords