164.308(a)(5)(ii)(D) - Password Management (Addressable)
Procedures for creating, changing, and safeguarding passwords.
Illustrative Controls and TIBCO LogLogic Solution
Frequently changing user passwords is a good general security practice that ensures intruders cannot enter into the IT infrastructure. It is a best practice to change your passwords every 30 to 90 days.
Administrators must identify and review all password change events to ensure users are changing passwords at least every 90 days. For example, Windows platforms generate events with the ID of 627 and 628 for password change attempts.
Reports and Alerts
Use the following link or reference to see the 164.308(a)(5)(ii)(D) reports and alerts: 164.308(a)(5)(ii)(D) - Password Management (Addressable).
Copyright © Cloud Software Group, Inc. All rights reserved.