Script(s)

Few thoughts on how to  enforce strong userids and passwords.

UserIDs can be email address. (An email can be sent to the ID with a link to make sure email id is valid)

– Password must be between 8 and 14 characters.
– Password must contain at least one number, at least one English uppercase character, and at least one English lowercase character.
– Password must contain one special character like #,*,&
– Password may not have more than two consecutive identical characters.

Ex : This is valid :  grEen12#   but  grEEEn12# is not valid

– Password cannot be the same as your previous three passwords.

– Password cannot be similar as your previous three passwords.

Ex : If this is your old password grEen12#, new Password cannot be grEen13#

– Password cannot be the same as or contain your User ID or contain the word “password” or contain your site / company name.

Ex : If your site is abcjewellers then password cannot be   aBcJewellers#1 or paSSword$1

– Password should expire every 60 days.