Password Policy Compliance Audit
Audit password policy compliance: generate test passwords at different strengths and verify against policy requirements.
Wann dieses Rezept verwenden
Test your password policy with various password strengths. Ensure your system correctly rejects weak passwords and accepts strong ones, meeting compliance requirements.
Schritte
Password Generator
Dieses Werkzeug ausprobieren →Test weak password
Password Strength Checker
Dieses Werkzeug ausprobieren →Verify weak rejection
Password Generator
Dieses Werkzeug ausprobieren →Test strong password
Password Strength Checker
Dieses Werkzeug ausprobieren →Verify strong acceptance
Hash Calculator
Dieses Werkzeug ausprobieren →Demonstrate proper storage
Häufig gestellte Fragen
What does NIST say about password policies?
NIST 800-63B: minimum 8 characters, no composition rules (no forced special chars), check against breached password lists, no periodic rotation requirements. Focus on length over complexity.
Should I require special characters?
NIST says no — it leads to predictable patterns (P@ssw0rd!). Instead, require minimum length (12+), check against breach databases, and support passphrases.
Verwandte Rezepte
Secure Password Workflow
Generate a strong password, verify its strength, and hash it for storage — a complete password security pipeline.
Web Security Header Audit
Audit your website's security headers, generate a CSP policy, evaluate it, and configure CORS.
JWT Authentication Setup
Set up JWT-based authentication: generate tokens, create signing keys, and implement TOTP for 2FA.
API Security Hardening
Harden your API with HMAC request signing, secure secrets, and SRI for client-side integrity.