By John DuMond
To: All Network Users
From: Corporate IT Department
Subject: New Network Password Rules
In order to improve the security of the corporate computer network, the IT Department will be implementing new rules regarding network login passwords. The following rules will take effect beginning next Monday:
1. Passwords must be changed every 30 days.
2. Passwords may not be reused. Ever.
3. Passwords may not be similar to previous passwords. If a new password contains more than four characters that were contained in any of the user's previous five passwords, the network will reject it as invalid.
4. Passwords must contain at least nine (9), but not more than eleven (11) characters.
5. Passwords are case-sensitive and must contain at least two capital letters, two numbers, two lower-case letters, and two special characters.
6. The special characters * and $ may not be used.
7. No number, character, or letter may appear more than once in a password.
8. Passwords may not be (or contain) a word in the dictionary or a proper name.
9. Three failed login attempts will lock the user's account. An account lockup will result in a letter of reprimand being issued to the offending user. Two in one year will result in an unpaid, three day suspension. Three in one year will result in termination from employment.
Make sure your password is something you can easily remember, as it is a violation of company policy to write passwords down. Thank you for your cooperation in this matter.