The following sample outlines a policy for ensuring secure use of network passwords. It provides guidance regarding initial password setup, including a forced change of the initial password. It also requires that users choose passwords that are difficult to guess, that passwords never be written down, and prohibits the sharing of passwords.
This policy also states that the display and printing of passwords must be masked, suppressed, or obscured. Passwords must not be stored in plain text or in other readable forms, passwords require encryption, and re-use of a previous password is prohibited. Users must promptly notify the service desk if their password integrity has been compromised. The password must be changed immediately.