All computers (desktops, laptops) must be locked or shut down when left unattended. All computers must have a password (or biometric access) and must require authentication for first time login upon booting up (no auto-login on startup). PINs are not allowed (such as Windows 10 PIN login). These rules do not apply to portable devices kept on your person.

Password Policy

A secure password must contain, at a minimum, 10 characters including at least 3 out of the following 4 types of characters: a lower-case letter, an upper-case letter, a number, a special character (such as !@#$%^&*). You may not use more than two of the same characters in a row. For example, AAA, is not allowed but AaA is.

Please note, secure passwords are not a substitute for 2FA. Both are necessary to ensure a sufficient level of security. 2FA must be enabled on any site that supports it. 2FA will be enabled company-wide in every application that supports doing so.

Example password: Drafted2020!