The following password policies are being technically enforced to help users using strong password to access HCT network resources:

• Password must be 8 characters or longer
• Password must NOT be based on your username.
• Password must contain characters from at least three different Character Sets. ([A-Z], [a-z], [0-9], [Special characters])
• Password to be changed every 90 days
• Password must be different from your current password and previous five passwords.

Password protection guidelines

Users are requested to the follow the below guideline to protect passwords:

• Do not share your HCT passwords with anyone, including administrative assistants and secretaries.
• All passwords are to be treated as sensitive, confidential HCT information.
• Do not reveal your password over phone to anyone, in an email message or in front of others.
• Do not reveal a password in questionnaires
• Do not use the ‘Remember Password’ feature of applications (e.g.Outlook, Web-Mail, etc.).
• If you feel your password is suspected to be compromised, change it immediately.
• Do not write passwords down and store them anywhere in your office.
• Do not store passwords in a file on ANY computer system (including mobiles, smartphones or similar devices) without encryption.
• Do not contain whole words in any language, including slang, dialect, jargon, etc.
• Passwords not to be based on personal information, names or birthdates of family members, etc.
• Password should be easy for the user to remember but difficult for others to guess.