Section 50 IAC 26-12-2 - Password and login requirementsAuthority: IC 6-1.1-31-1; IC 6-1.1-31.5-3.5
Affected: IC 6-1.1-31.5
Sec. 2.
The property tax management system must include a security feature whereby individual users can be assigned a username or user identification, with a corresponding password, each of which must be input by the user in order to log onto the system. The security feature must meet the following requirements:
(1) Users must be prompted to change their passwords in accordance with standards set by the state board of accounts.(2) Passwords must be as follows:(A) Contain a minimum of eight (8) characters.(B) Combine at least three (3) of the following four (4) types of characters:(iv) Uppercase and lowercase.(3) New users must be prompted to change passwords after initial login.(4) Users must be as follows: (A) Prompted to change passwords as follows: (i) After password reset by system administrator.(ii) Once the current password has expired.(B) Locked out of the property tax management system after three (3) unsuccessful login attempts. The user must remain locked out until password reset by system administrator.(5) The property tax management system must not accept a password from a given user if the password is identical to any of the thirteen (13) previous passwords used by that same user.(6) Users must be automatically locked out of the system after fifteen (15) minutes of inactivity.(7) The system: (A) must prevent simultaneous logons by the same user; and(B) should store all passwords in an encrypted format.Department of Local Government Finance; 50 IAC 26-12-2; filed Jan 28, 2011, 3:07 p.m.: 20110223-IR-050100165FRA