The IT Law Wiki

Password Management Guideline

32,081pages on
this wiki
Add New Page
Add New Page Talk0

Citation Edit

Department of Defense, Password Management Guideline (known as the "Green Book") (Apr. 12, 1985) (full-text).

Overview Edit

This Guideline provided a set of good practices directed toward preventing password compromise. Large numbers of ADP systems require identification and authentication of a system user. Often, the authentication mechanism implemented is a password — a "symbol" that should be known only by its owner. Since a user's identification is often a compaction of the individual's name and thus easily guessed, the password must provide the requisite protection. Measures suggested for password protection include:

a. Use of machine-generated pronounceable passwords (pass-phrases).
b. Maximum length of time for password retention.
c. Capability to change a password.
d. Personal password protection (e.g., not written down)

Also on Fandom

Random Wiki