IT User Account Guide Template
Every Information Technology user should have a unique identifier and a system password assigned, the IT User Account Guide Template can be used as a guide. It covers passwords, account expirations, home directories, user group assignments, and more. There should be a system in place for authenticating and authorizing users beyond the login point. Access to applications, databases, etc., once a person is in the system must be controlled.
Password Control guidance can be found in ITSD106-4 USER ACCOUNT CONVENTIONS.
- Passwords must be eight characters or more in length.
- Passwords must contain a combination of alphabetic, numeric, and/or special characters.
- Default passwords must be changed upon initial login.
- Users should change their passwords at least every sixty days. If a user password has not been changed in that time, a password change should be forced on the user and the user should be notified of the default password to be used at the next login.
- Passwords should not be reused consecutively. There should be a system in place to keep a password history and prevent password reuse for several cycles (four or more is recommended).
- Accounts should be automatically suspended upon three consecutive failed logon attempts. Users should apply to the Information Technology Security Manager for a password reset.
- Systems should identify and authenticate users before granting access.
IT User Account Guide Template Details
Format: Microsoft Word 2013 (.docx)
Manual: IT Policies and Procedures Templates
Category: IT Security & Disaster Recovery
Procedure: IT Access Control Procedure ITSD106