Password Management. Password management includes the generation, issuance, and control of the passwords that support authentication. Entity must comply with the following password management for access to DPS information: a. Password management must meet the requirements of DPS security policy at minimum; however, Entity is authorized to implement password requirements that exceed DPS security policy. To comply with DPS security policy, passwords must: (1) Be a minimum length of 8 characters; (2) Contain a mix of upper and lower case characters, numeric characters, and special characters; (3) Not be a dictionary word or proper name; (4) Not be the same as, or contain, the User ID; (5) Expire within a maximum of 90 calendar days; (6) Not be identical to the previous 10 passwords; (7) Never be displayed in clear text on the screen; and never be written down and stored physically. b. Passwords considered re-usable must be encrypted during transmission. c. Passwords must be stored in an encrypted form in a protected password file to ensure confidentiality. d. If the security of a password is in doubt, the password must be changed immediately.
Appears in 3 contracts
Sources: User Agreement to Purchase Driver Records or Driver Record Monitoring Services, User Agreement to Purchase Driver Records or Driver Record Monitoring Services, User Agreement to Purchase Driver Records or Driver Record Monitoring Services