Password Policy

Standards for user passwords

Context

To ensure account security, user passwords must meet the requirements specified below.

Scope

Applies to: All registered users
Effective Date: YYYY-MM-DD
Review Date: Yearly

Standards

Password Requirements

A valid password must contain at least one character from each of the following categories:

One uppercase letter (A–Z)
One lowercase letter (a–z)
One numeric digit (0–9)
One special character (for example: ! @ # $ % ^ & * ( ) _ + - = [ ] { } ; : , . ? /)

Passwords that do not meet these requirements will be rejected.

General Recommendations

Passwords should be sufficiently long (e.g., minimum 8 characters or more).
Avoid using easily guessable information such as names, dates, or common words.
Do not reuse passwords across multiple systems.

Password Expiration

Passwords expire after a defined period : 1 year.
Systems should propose users to change password.
Previously used passwords cannot be reused for a defined number of cycles. For now: last 1 password.

Code Review Standards

Standards for code reviews

Process Documentation

Team workflows and procedures

On this page

Context Scope Standards Password Requirements General Recommendations Password Expiration