IT User Account Guide Template

Every Information Technology user should have a unique identifier and a system password assigned, the IT User Account Guide Template can be used as a guide. It covers passwords, account expirations, home directories, user group assignments, and more. There should be a system in place for authenticating and authorizing users beyond the login point. Access to applications, databases, etc., once a person is in the system must be controlled.

Password Control guidance can be found in ITSD106-4 USER ACCOUNT CONVENTIONS.

• Passwords must be eight characters or more in length.
• Passwords must contain a combination of alphabetic, numeric, and/or special characters.
• Default passwords must be changed upon initial login.
• Users should change their passwords at least every sixty days. If a user password has not been changed in that time, a password change should be forced on the user and the user should be notified of the default password to be used at the next login.
• Passwords should not be reused consecutively. There should be a system in place to keep a password history and prevent password reuse for several cycles (four or more is recommended).
• Accounts should be automatically suspended upon three consecutive failed logon attempts. Users should apply to the Information Technology Security Manager for a password reset.
• Systems should identify and authenticate users before granting access.

IT User Account Guide Template Details

Pages: 02
Words: 595
Format: Microsoft Word 2013 (.docx)
Language: English
Manual: Computer & IT
Category: IT Security & Disaster Recovery
Procedure: IT Access Control Procedure ITSD106
Type: Guide

Related Documents

• ITSD106-1 IT ACCESS CONTROL PLAN
• ITSD106-2 IT USER ACCESS CONTROL DATABASE
• ITSD106-3 ACCESS CONTROL LOG