Air Combat Command to enforce password policy
- By John Monroe
- Sep 07, 2006
Tips for choosing and protecting passwords
The Air Force Air Combat Command plans to purchase a 500,000-user perpetual license for software that will ensure that ACC employees do not compromise system security with poorly chosen passwords.
The command, based at Langley Air Force Base in Virginia, is turning to Anixis' Password Policy Enforcer, according to a notice published on the Federal Business Opportunities Web site.
The software does just what its name implies. Each time someone creates a password for entering a system, the software will check that the choice complies with the organization's password policy. If not, the software will deny the password.
The software reflects concerns about the vulnerability of weak passwords. Passwords are weak if they are easy to guess -- too similar to the log-in name, for example -- or too short, making them easier to crack by running readily available hacker algorithms. Strong passwords, for example, mix numbers and letters in no discernible pattern.
According to Anixis, the software offers 13 basic rules that organizations can refine and incorporate into their policy. For example, administrators might require all passwords to include one number, or they might go even further and require that the number fall somewhere after the first position in the password.
The software also will enable ACC administrators to synchronize passwords across networks and applications, according to the notice.