A Uniform Desktop Is a Secure Desktop - Password Policy
The Office of Management and Budget has mandated that, starting Feb. 1, all federal agencies using Windows XP and Vista must adopt the standard security configurations developed by NIST, the Department of Defense and the Department of Homeland Security as part of the Federal Desktop Core Configuration. But the FDCC also provides a good framework for ensuring secure civilian desktop and laptop configurations.
By Cameron Sturdevant
The FDCC requires passwords to change every 60 days and have a minimum length of 12 characters, among other characteristics.