News Article

Password Guidance: Simplifying Your Approach

Last Updated: 08 Sep 2015
CESG and CPNI are pleased to announce the publication of guidance advocating a new approach for system owners responsible for determining password policy.

News article - 08 Sep 2015

The 'Password Guidance: Simplifying Your Approach' guidance is the result of working closely with industry, academia and other government departments. A recent survey reported that UK Citizens each have an average of 22 online passwords, far more than most people can remember. The Password Guidance addresses the inadequacies of existing approaches to passwords in creating effective whole-system security, and outlines what can be done to help organisations create password policies that work for both the organisation and its users.

"By simplifying your organisations approach to passwords, you can reduce the workload on users, lessen the support burden on IT departments, and combat the false sense of security that unnecessarily complex passwords can encourage" Ciaran Martin, Director General for Government and Industry Cyber Security.

Over the next coming weeks we will be writing more about this subject on the CESG Digital Blog, starting with a few words from Jon Lawrence, CESG Technical Director for Assurance.

Please note:

CESG became NCSC in October 2016.