Skip to main content

Policy Templates

Password Policy Enforcer contains Out-of-the-box Policy Templates based on the requirements of the most popular regulatory frameworks.

  • CIS Password Policy Guide — See the CIS Password Policy Guide article for additional information.

  • CIS Password Policy Guide MFA — See the CIS Password Policy Guide article for additional information.

  • HIPPA — HIPAA Security Rule requires that organizations must implement procedures for creating, changing, and safeguarding passwords.

    • It also recommends training the workforce on ways to safeguard password information and establish guidelines to create and change passwords in a periodic cycle.
    • HIPAA doesn’t offer any specific password complexity guidelines. To comply with HIPAA, organizations are better off following NIST password guidelines.
    • Most of healthcare institutions use the NIST framework.

  • NERC CIP — See the CIP-007-6 — Cyber Security – Systems Security Management article for additional information.

  • NIST 800-63b — See the NIST Special Publication 800-63B article for additional information.

  • PCI DSS — See the PCI Document Library web site for additional information.

  • ISO/IEC 27002 — See the NIST Special Publication 800-63B article for additional information.