Enterprise Password Management Guide

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology » | Visit National Institute of Standards and Technology »

From National Institute of Standards and Technology | May 8, 2009

Passwords are used in many ways to protect data, systems, and networks. For example, passwords are used to authenticate users of operating systems and applications such as e-mail, labor recording, and remote access. Passwords are also used to protect files and other stored information, such as password-protecting a single compressed file, a cryptographic key, or an encrypted hard drive. In addition, passwords are often used in less visible ways; for example, a biometric device may generate a password based on a fingerprint scan, and that password is then used for authentication.

This publication provides recommendations for password management, which is the process of defining, implementing, and maintaining password policies throughout an enterprise. Effective password management reduces the risk of compromise of password-based authentication systems.

The attached Zip file includes:

• Intro Page.doc
• Cover Sheet and Terms.pdf
• Enterprise Password Management Guide.pdf

Related IT Downloads

• 

  Secure Web Services Guide

  TUTORIALS

  Flexibility and reusability also create potential security risks.

• 

  Recognizing and Avoiding E-mail Scams

  TUTORIALS

  These precautions can help you fight off the hordes of e-mail scams and threats.

• 

  Top 10 Sources of Viruses - October 2009

  RESEARCH

  This table is taken from Network Box's report on Globalization of Malware Production.