Wasn't sure if this belonged in the regulatory and compliance section as it is more geared to best practices.
I'm looking for information to support our current password policy. Specifically best practices on local administrator accounts, service accounts, etc. Practical stuff on expiration dates, the sharing of, archiving old expired passwords or anything along those lines.
Does anyone have suggestions or links they can recommend? I can provide more info if you need it.
thanks for reading,