Jingga/Organization-Guide
1
0
Fork 0
mirror of https://github.com/Karaka-Management/Organization-Guide.git synced 2026-01-17 07:18:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update Password Guideline.md

Browse Source
This commit is contained in:
Dennis Eichhorn 2022-07-25 11:08:48 +02:00 committed by GitHub
parent d8c8b6fdb1
commit 31d9da11f3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Policies & Guidelines/IT/Password Guideline.md
View File

@ -13,7 +13,7 @@ Passwords protect confidential company data, as well as customer and supplier da
Additionally, if it is possible to define a password change interval it should be set to once a year. This way passwords don't become stale and in case of a password leak get rotated out. Shorter password change intervals could lead to friction for the employees resulting in a security fatigue.
## Server protection
## Additional protection
For direct server access ssh keys must be used instead of passwords. In addition, these ssh keys should be password protected according to the above mentioned format specifications. If possible second factor authentication should be enabled for direct server access. This second factor authentication should be bound to the owner of the ssh key (i.e. SMS authentication, app authentication, ...)