Commit 28879a34 authored by wyang's avatar wyang Committed by Zhengji Zhao

Update pw policy

parent 3baaded4
......@@ -92,14 +92,16 @@ further justifies a change in password policy.
When users are selecting their own passwords for use at NERSC, the
following requirements must be used.
* The password change interface will include a strength meter,
and the strength level for a new password must be either 'safe'
or 'very safe.'
* The minimum length is 8 characters if MFA is enabled for your
account. Otherwise, it should be at least 14 characters.
* The password must register as either 'safe' or 'very safe' on
a password strength meter that is provided.
* If MFA is not enabled for your account the minimum password
length is 14 characters. The enforced minimum length for accounts
with MFA enabled is 8 characters, but in practice it may be
difficult to select a password that registers as 'safe' on the
meter with this short password.
* There is no character complexity rule regarding inclusion of
uppercase/lowercase letters, digits and special characters.
* Passwords will have to be changed in every six months.
* Passwords will have to be changed every six months.
## Login Failures
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment