While all aspects of Screendragon's password policy can be customized to meet specific organizational needs, by default, Screendragon aligns with the National Institute of Standards and Technology (NIST) best practices. This policy enhances security while simultaneously improving the user experience.
Password setup is located under Settings > Security Manager.
Password Policy Details
- Breach Checking: Prospective passwords will be checked against known password breach databases. Any matching passwords are rejected to mitigate the risk of using compromised passwords.
- Context Checking: Passwords cannot contain context-specific words, such as the service name or the user’s username. This prevents susceptibility to guessing and enhances overall password security.
- Expiration Time: Passwords do not expire unless discovered in a password breach database. This approach reduces the user's frustration around regular password changes.
- Failed Attempts: Users will be allowed up to ten failed password attempts before being temporarily locked out of the system or service, limiting the potential for unauthorized access.
- Length: User-generated passwords must have a minimum length of 8 characters. Passwords can be created with a maximum length of 64 characters.
- Numeric Characters: These are digits from 0 to 9. A password may include numeric characters to increase its strength and complexity.
- Previous Passwords: This refers to any passwords previously used by the user. The current password must not match any of the last [insert number] passwords to prevent reuse and enhance security.
- Repeated Characters: This term refers to the same character appearing consecutively in a password (e.g., “aaaa” or “1111”). To improve security, passwords must avoid the use of repeated characters.
- Sequential Characters: To enhance security, users are prohibited from using sequential characters (e.g., “1234” or “abcd”) in their passwords.
- Special Characters: Special characters are non-alphanumeric characters that include symbols such as !, @, #, $, %, etc.
- Uppercase Characters: Uppercase characters refer to the letters A through Z in their capitalized form (e.g., A, B, C, D, etc.). Including uppercase letters in a password can improve its strength and complexity, making it more resistant to unauthorized access.
- Complexity Requirements: The policy eliminates mandatory complexity requirements, such as the need for special characters, numbers, or uppercase letters, unless the customer specifically implements them.
- Integration with Have I Been Pwned: Screendragon now integrates with Have I Been Pwned to bolster password security. When users create a password, it is checked against known password breach databases. This integration employs the k-anonymity model, ensuring that only a portion of the password hash is sent to their API, thereby maintaining user privacy. This method is widely adopted by enterprise-grade password managers, including Keeper, which we utilize in our system.
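As an added example (not Screendragon's own code), this is the client side of the Have I Been Pwned k-anonymity range check described above: only the first five characters of the SHA-1 hash leave the client, and the comparison against the returned suffixes happens locally. The function names, the offline stand-in for the range endpoint and its counts are assumptions; only the SHA-1 of "password" and the SUFFIX:COUNT line format are real.

```python
import hashlib
from typing import Callable, Dict, Tuple

def split_sha1(password: str) -> Tuple[str, str]:
    """Uppercase SHA-1 hex digest split into the 5-char prefix (the only part
    sent to the range API) and the 35-char suffix (kept on the client)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def parse_range_response(body: str) -> Dict[str, int]:
    """Parse 'SUFFIX:COUNT' lines into {suffix: count}. Padded responses
    (Add-Padding header) contain dummy suffixes with count 0; they are kept
    as 0 so they never register as a hit."""
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, sep, count = line.partition(":")
        if sep != ":" or len(suffix) != 35 or not count.isdigit():
            continue  # skip malformed lines rather than trusting them
        counts[suffix.upper()] = int(count)
    return counts

def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """How many times the password appears in the breach corpus (0 = not found).
    fetch_range(prefix) performs the HTTP GET; it is injected so the check
    can be exercised offline."""
    prefix, suffix = split_sha1(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)

# Constructed stand-in for the range endpoint. SHA-1("password") is
# 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8, so prefix 5BAA6 returns its suffix.
# The counts and the second (padding) suffix are made-up test data.
CONSTRUCTED_RANGES = {
    "5BAA6": (
        "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471\n"
        "ABCDEF0123456789ABCDEF0123456789ABC:0\n"
    ),
}

def offline_fetch_range(prefix: str) -> str:
    return CONSTRUCTED_RANGES.get(prefix, "")

def is_acceptable(password: str, fetch_range=offline_fetch_range) -> bool:
    """Policy gate from the article: reject any password seen in a breach."""
    return breach_count(password, fetch_range) == 0

if __name__ == "__main__":
    for pw in ("password", "Tr0ub4dor&3-with-a-long-tail"):
        print(pw, "->", "accepted" if is_acceptable(pw) else "rejected")
```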