Question AAAI-04
Can you enforce password/passphrase complexity requirements (provided by the institution)?
| Weight | 40 |
| High Risk | No |
| Required | No |
| Compliant Answer | Yes |
Standard Guidance
EDUCAUSE provides no guidance here
Answering "NO"
Describe plans to support password/passphrase complexity requirements.
Answering "YES"
Describe how password/passphrase complexity requirements are implemented in the product.
Reason for Question
Many institutions have policy focused on passwords/passphrases, and this question confirms the capacity of a vendor's software/product/service to comply.
Follow-Up Inquiries
Follow-up inquiries for password/passphrase complexity requirements will be institution/implementation specific.
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]