pprotect / nhrihub

Suite of management tools for National Human Rights Institutions (NHRI)
GNU General Public License v3.0

password policy enforcement #6

Open lazylester opened 5 years ago

lazylester commented 5 years ago

6 characters min, with at least one special character (@, #). User prompted to renew passwords "on a regular basis". (Requirement AC.03)

lazylester commented 5 years ago

The password strength estimation algorithm needs a locale-specific corpus of first names and last names. I will endeavour to secure these from www.statssa.gov.za.

Will use zxcvbn (https://github.com/dropbox/zxcvbn)

lazylester commented 4 years ago

No response from www.statssa.gov.za, so will fall back to standard PPSA password policy:

- minimum of 6 chars
- at least one "special char"
- expiry every 30 days
- lockout after 3 unsuccessful password attempts
- password reuse history stores 12 passwords
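
The five rules in the last comment, sketched as an added example that is not part of the issue thread or of nhrihub's code. The module, struct and method names are hypothetical, and the definition of "special char", the PBKDF2 hash and its iteration count are assumptions, since the issue does not specify them.

```ruby
require 'openssl'
require 'securerandom'

# Added illustration; all names are hypothetical, not nhrihub code.
module PasswordPolicy
  MIN_LENGTH   = 6
  SPECIAL      = /[^A-Za-z0-9\s]/ # assumption: "special" = not alphanumeric/whitespace
  MAX_AGE      = 30 * 86_400      # 30 days, in seconds
  MAX_FAILURES = 3
  HISTORY_SIZE = 12
  ITERATIONS   = 100_000          # assumption: the issue names no hash or work factor

  # history: newest-first list of [salt, digest]; only digests are stored.
  Account = Struct.new(:history, :changed_at, :failures)

  def self.digest(password, salt)
    OpenSSL::PKCS5.pbkdf2_hmac(password, salt, ITERATIONS, 32, OpenSSL::Digest.new('SHA256'))
  end

  # Rules a candidate password breaks (empty list = acceptable).
  def self.violations(account, candidate)
    errs = []
    errs << :too_short if candidate.length < MIN_LENGTH
    errs << :no_special_char unless candidate.match?(SPECIAL)
    errs << :reused if account.history.any? { |salt, hash| digest(candidate, salt) == hash }
    errs
  end

  # Stores the new password if it passes; history is capped at 12 entries.
  def self.change(account, candidate, now: Time.now)
    errs = violations(account, candidate)
    return errs unless errs.empty?
    salt = SecureRandom.random_bytes(16)
    account.history = [[salt, digest(candidate, salt)], *account.history].first(HISTORY_SIZE)
    account.changed_at = now
    account.failures = 0
    errs
  end

  # Returns :ok, :expired (valid but older than 30 days), :invalid or :locked.
  def self.authenticate(account, password, now: Time.now)
    return :locked if account.failures >= MAX_FAILURES
    salt, hash = account.history.first
    if salt.nil? || digest(password, salt) != hash
      account.failures += 1
      return account.failures >= MAX_FAILURES ? :locked : :invalid
    end
    account.failures = 0
    now - account.changed_at > MAX_AGE ? :expired : :ok
  end
end
```

Because each history entry has its own salt, the reuse check has to re-derive the candidate against every stored salt, which is why `violations` costs up to 12 key derivations per password change.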