DISA STIG

DISA STIG password requirements are some of the most stringent in the industry since they’re for the U.S. Department of defence. But that doesn’t mean they’re out of reach for the average organisation. The minimum requirements include:

A password must be at least 15 characters
It must have upper and lower case letters, numbers, and special characters
When the password is changed, at least half of the characters in the password must change as well

Updated: