Passwords are an important aspect of security. A poorly chosen password may result in unauthorised access and/or exploitation of purplepedia.com's resources.
All members ("Members") with access to purplepedia.com's Membership platform, are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords.
The purpose of this policy is to establish a standard for creation of strong passwords, the protection of those passwords and the frequency of change.
The scope of this policy includes all members who have or are responsible for a membership account (or any form of access that supports or requires a password) on the Membership platform.
A. General Password Construction Guidelines
All Members of purplepedia.com should be aware of how to select strong passwords.
Strong passwords have the following characteristics:
Weak passwords have the following characteristics:
Members must create passwords that can be easily remembered. One way to do this is create a password based on a song title, affirmation, or other phrase.
For example, the phrase might be: "This May Be One Way To Remember" and the password could be: "TmB1w2R!" or "Tmb1W>r~" or some other variation. (NOTE: Do not use either of these examples as passwords!)
B. Password Protection Standards
If an account or password compromise is suspected, report the incident to the Information Security Department, who can be contacted as firstname.lastname@example.org.
C. Memorable Words
Memorable Words can be used in conjunction with a password for Member's to get access to the Membership platform.
Memorable Words are not the same as passwords. A Memorable Word is used as a secondary identification method (2 factor) for Members.
A good Memorable Word is relatively long and contains a combination of upper and lowercase letters. An example of a good Memorable Word:
"The Traffic On The 101 Was BAD This Morning"
All of the rules above that apply to passwords apply to Memorable Words except the use of special characters.
Any Membership member found to have violated this policy will be subject to conditions.
Password cracking or guessing may be performed on a periodic or random basis by the Information Security Department or its delegates. If a password is guessed or cracked during these exercises, the member will be required to change it.