At CENTRL, we follow the NIST (National Institute of Standards and Technology) standards for our password criteria and policy.
Creating a strong Password:
To create a strong and complex password, make sure you set a password that is between 8 and 64 characters long and also includes "at least 1 character" from each of the the following groups mentioned below:
- Alphabetical character
- Uppercase character
- Lowercase character
- Non- alphabetical character (Numeric or Special)
Note: Common bad passwords cannot be used. Some examples are:
- Common dictionary words.
- Passwords obtained from previous breach corpuses.
- Context-specific words such as username.
Account lockout threshold:
After 3 unsuccessful attempts, user will be locked for 30 minutes.Note: User can unlock by clicking on Forgot Password. Also, If user is locked 3 times in one day, we inactivate the account and user will have to go through forgot password to reactivate the account.
Password History and Change frequency:
We currently have no requirements for Password history and password change frequency.