Why does Safetrust check passwords against the NIST ‘bad’ password list?

Safetrust recommends that customers implement strong user authentication for their Credential Manager accounts. The Safetrust Credential Manager allows organizations to configure their preferred level of authentication, ranging from SAML and OpenID to strong password policies. For customers evaluating the service, a basic password authentication option is available.

As part of its commitment to security, Safetrust is auditing its systems and processes to achieve NIST 800-171 certification. The National Institute of Standards and Technology (NIST) provides password policy recommendations, which Safetrust enforces when users create their initial evaluation accounts. Organizations are encouraged to strengthen these policies for their own security requirements once they complete their evaluation.

NIST Password Recommendations:

NIST recommends that passwords should:

  • Not be too short
  • Not be common or easily guessable
  • Not contain common words
  • Not include personal names
  • Not be repetitive or predictable

To support compliance, NIST provides a list of commonly used or compromised passwords, the kind routinely tried in basic credential-guessing attacks. Safetrust validates every new password against this list to enforce a minimum security standard and to stay compliant with NIST authentication guidelines.
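As an added illustration (not Safetrust's own code), the Python screening function below applies the five recommendations above to a candidate password and returns every rule it violates. The blocklist, dictionary words and context words are small constructed samples standing in for the real NIST list and for a user's own details.

```python
"""Password screening modelled on the NIST recommendations listed above.
Added example; the word lists are constructed samples, not the NIST list."""
import re

# Constructed stand-ins for the commonly used / compromised password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1", "iloveyou"}
# Constructed stand-in for a dictionary of common words.
COMMON_WORDS = {"sunshine", "dragon", "monkey", "football"}
MIN_LENGTH = 8  # NIST SP 800-63B minimum length for user-chosen passwords


def is_repetitive(pw: str) -> bool:
    """True for one repeated character ('aaaaaaaa') or a repeated unit ('abababab')."""
    lowered = pw.lower()
    if len(set(lowered)) == 1:
        return True
    for unit in range(1, len(lowered) // 2 + 1):
        if len(lowered) % unit == 0 and lowered[:unit] * (len(lowered) // unit) == lowered:
            return True
    return False


def is_sequential(pw: str) -> bool:
    """True for ascending or descending runs such as '12345678' or 'abcdefgh'."""
    codes = [ord(c) for c in pw.lower()]
    steps = {b - a for a, b in zip(codes, codes[1:])}
    return len(codes) >= 4 and steps in ({1}, {-1})


def check_password(pw: str, context_words=()) -> list:
    """Return the list of violated rules; an empty list means the password is acceptable."""
    problems = []
    lowered = pw.lower()
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    if lowered in COMMON_PASSWORDS:
        problems.append("on the common/compromised list")
    # Strip digits and symbols so 'Sunshine2024' is still caught as a dictionary word.
    if re.sub(r"[^a-z]", "", lowered) in COMMON_WORDS:
        problems.append("built on a common word")
    # Context words: the user's name, login or organisation, supplied by the caller.
    for word in context_words:
        if len(word) >= 3 and word.lower() in lowered:
            problems.append(f"contains personal word '{word}'")
    if is_repetitive(pw) or is_sequential(pw):
        problems.append("repetitive or predictable")
    return problems
```
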

Given that password strength directly impacts the security of accounts controlling access to buildings and networks, Safetrust strongly advises organizations to enforce robust password policies when configuring their production Credential Manager identity systems.
