Password Policy Expiration too weak - Never

Impact area

Security

Severity

Medium

Affected element

Profile

Org Config

Rule ID

SF-0175

Impact

Weak password expiration policies can open you up to brute force and dictionary attacks. Passwords with over 90 days expiration time are unsafe.

Remediation

Modify the password expiration time to ninety days or less.

Time to fix

30 min

References

This rule is linked to Common Weakness Enumeration CWE-521 Weak Password Requirements.




Last modified on Oct 13, 2020