Passwords
Authentication and Password Strength Guidelines Authentication Solution and Sensitive Accounts Do NOT allow login with sensitive accounts (used internally within the solution) to any front-end user-interface. Do NOT use the same authentication solution (e.g., IDP / AD) for unsecured access (e.g., public access / DMZ) as used internally. Proper Password Strength Controls A critical aspect of authentication is password strength. A strong password policy is essential to protect against unauthorized access.