Setting a Password Policy

password policy

A password policy describes the rules that are used to create a password—the letters, letter cases, length, and any special characters that are required. Some institutions require only lower case characters while others will demand that an upper case character, number, and special character be used, as well as a specified minimum length. In general, it is a good idea to use the longest allowable length and the largest permitted mix of characters. Please verify the exact password requirements with the entities that require them.

The Password Policy dialog allows you to set the global password generation policy. This policy can be overridden temporarily and passwords manually edited at any time in the Edit/View Entry dialog.

Selecting Password Rules

Each "use" item (e.g., use digits, use symbols, etc.) checked in the dialog forces Password Safe to include the specified characters in the passwords it generates. Each password will also be generated to the specified length (no shorter, no longer). The only exception to this is the Use hexadecimal digits only check box. When checked, passwords will include those characters that represent hexadecimal digits only. Selecting this option, disables all other check boxes.

Selecting Generate pronounceable passwords will cause Password Safe to generate a "nonsense" word that should be pronounceable, such as "ingstria", "ringsony", etc. This is useful when you need a password that is both secure and relatively easy to remember without Password Safe. Choosing this option with use digits and/or use symbols will enable replacing some letters with their "leet" equivalent, e.g., "E" may be replaced by "3", "S" by "5", etc.

The characters that are added when use symbols is checked are: + - = _ @ # $ % ^ & ; : , . < > / ~ \ [ ] ( ) { } ? ! | unless use only easy-to-read characters is selected as well, in which case the characters are only: + - = _ @ # $ % ^ & < > / ~ \ ?

The letters used when use only easy-to-read chararcters is checked are: a b c d e f g h i j k m n o p q r s t u v w x y z and A B C D E F G H J K L M N P Q R T U V W X Y, and the digits are limited to 3 4 6 7 8 9.