Air Combat Command to enforce password policy
- By John Stein Monroe
- Sep 07, 2006
The Air Force Air Combat Command plans to purchase a 500,000 user perpetual license for software that will ensure that ACC staffers do not compromise system security with poorly chosen passwords.
The command, based at Langley Air Force Base, is turning to Anixis' Password Policy Enforcer, according to a notice published on the Federal Business Opportunities Web site.
The software is just what the name implies. Each time some one creates a password for entering a system, the software will check that the choice complies with the organization's password policy. If not, the password will be denied.
The software reflects current concerns about the vulnerability created by so-called "weak" passwords. Passwords are weak if they are easy to guess -- being too similar to the logon name, for example -- or too short, making them easier to crack by running readily-available hacker algorithms. "Strong" passwords, for example, mix numbers and letters in no discernible pattern.
According to Anixis, the software offers thirteen basic rules that can organizations can refine and incorporate into their policy. For example, administrators might require all passwords to include one number, or they might go even further and require that the number fall somewhere after the first position in the password.
The software also will enable ACC administrators to synchronize passwords across different networks and applications, according to the notice.
John Monroe is Senior Events Editor for the 1105 Public Sector Media Group, where he is responsible for overseeing the development of content for print and online content, as well as events. John has more than 20 years of experience covering the information technology field. Most recently he served as Editor-in-Chief of Federal Computer Week. Previously, he served as editor of three sister publications: civic.com, which covered the state and local government IT market, Government Health IT, and Defense Systems.