Laptop Use/Password Practices Clause Samples

Laptop Use/Password Practices. (1) Consultants must have password protection on his or her computer at all times. (2) Consultants must set up their computers to require a password to access the computer, including upon power-on, restart, standby, hibernation, and screen save modes. (3) Consultants must set up with their computers to lock automatically after 15 minutes of inactivity. (4) Consultants must log out or lock their computers when left unattended if even for a minute. (5) Passwords must be at least 8 characters in length and must contain at least one lowercase letter, one uppercase letter, one number, and one symbol. (6) Consultants should change their passwords no less frequently than once every ninety (90) days. (7) For TDES encryption, each password must follow the general password rule for strength and each password must be different from the other two. (8) Consultants must not share their passwords with others. Consultants must immediately change compromised passwords. (9) An application password stored in a database must be stored as a binary field (varbinary in SQL Server) and encrypted by the application before storing in the database. No passwords should ever be kept in plain text. (10) Consultants should only keep passwords in ICERS-approved encrypted password list software.