Account Lockout Policy
To restrict the potential for password compromises, we have implemented an account lockout policy. The thresholds and durations for account lockouts are as follows:
Admin/Privileged Users
- Accounts will be locked after <xx> invalid password attempts within <xx> minutes.
- Accounts will be locked for <xx> minutes or until the IT desk is contacted and the user’s identity is verified.
Standard Users
- Accounts will be locked after <xx> invalid passwords attempts within <xx> minutes.
- Accounts will be locked for <xx> minutes or until the IT desk is contacted and the user’s identity has been verified.
Mobile Devices
- Mobile devices must be enrolled in <company name> MDM in order to access company information including email and the internal company website.
- Passwords may be secured with biometric authentication.
- The company’s container will be erased upon <xx> invalid password attempts.
Password Compliance
<company name> has a password policy in place. To make passwords customized, yet easier to remember, try these ideas:
- Choose 4 disparate, unrelated words (see XKCD for an explanation).
- Choose a passphrase (such as a song lyric or famous quote) and use the first character of each word as the password. Substitute some of the characters to symbols and you become compliant with your company’s policy.
- Always choose to use Multifactor Authentication (MFA).
Password Reset
<company name> has a self-service password reset option. If you know your current password, you can change it in your employee profile. If you have forgotten your password, you can reset it with the link on the employee portal login page. You will be required to authenticate with MFA before you can reset your password. For issues related to MFA, contact the helpdesk at <helpdeskemail@companydomain.com>, live chat, or extension <xxx>.
Security Concerns
If at any time you feel your account has been compromised for any reason, please contact Security at <securityemail@companydomain.com>, live chat, or extension <xxx>.
