This document describes and justifies current best practices for password management systems in an enterprise network. It is intended to offer reasoned guidance to information technology decision makers when they set security policy and design network infrastructure that includes passwords.
The main parts of password management systems are as follows:
User authentication and passwords: Describes the objectives of user authentication, alternative technologies for authentication and why passwords continue to be the prevalent technology for identifying users.
Security threats: A list of the major security threats to password-protected network systems.
Human factors: How human behaviour affects password management.
Composition rules: Recommended rules for composing an acceptable password.
Changing and reusing passwords: Reasons and recommendations for periodic password changes, and for not recycling old passwords.
Security: The need for keeping passwords secret, and recommended practices.
Intruder detection: Detecting and responding to security attacks.
Encryption: Using encryption to protect passwords in storage and in transit.
Synchronization: Reasons for and risks with keeping passwords on different systems the same.
User support: Password problems encountered by users, and how to securely resolve them.
Find out more: Other resources with information about password management.