Example automated control test for passwords
Below is a sample scenario for using thresholds in an automated control test. Currently, Hyperproof does not support thresholds. However, you can use the logic below to conduct a similar test.
Scenario
An organization wants to ensure that its employees' passwords adhere to the following company policy: passwords must be a minimum of 15 characters and meet three of the following four criteria:
- Uppercase characters A-Z (Latin alphabet)
- Lowercase characters a-z (Latin alphabet)
- Numbers 0-9
- Symbols (!, $, #, %, etc.)
The logic may look like:
Logic | Result |
---|---|
if minimum length is less than 16 | FAIL |
if symbol is false and number is false | FAIL |
if symbol is false and lower case is false | FAIL |
if symbol is false and upper case is false | FAIL |
if number is false and lower case is false | FAIL |
if number is false and upper case is false | FAIL |
if lower case is false and upper case is false | FAIL |
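
The six pairwise rows stand in for a "three of four" threshold: if any two criteria are false, at most two can be true. The Python sketch below is an added example, not Hyperproof code. It evaluates the rows in table order and checks them against a direct count over all 16 combinations. The field names are assumptions, and the length cutoff is the one written in the table's first row.

```python
from itertools import combinations, product

# Field names are assumptions; map them to whatever your proof data uses.
CRITERIA = ("symbol", "number", "lower_case", "upper_case")
LENGTH_FAIL_BELOW = 16  # cutoff exactly as written in the table's first row


def pairwise_rules(record):
    """Evaluate the table's rows in order; return the first failing rule or None."""
    if record["min_length"] < LENGTH_FAIL_BELOW:
        return f"minimum length is less than {LENGTH_FAIL_BELOW}"
    # The six remaining rows are every unordered pair of the four criteria.
    for a, b in combinations(CRITERIA, 2):
        if not record[a] and not record[b]:
            return f"{a} is false and {b} is false"
    return None


def threshold_rule(record, required=3):
    """The threshold form the rows replace: at least `required` criteria true."""
    if record["min_length"] < LENGTH_FAIL_BELOW:
        return False
    return sum(bool(record[c]) for c in CRITERIA) >= required


def evaluate(record):
    """Return (result, failing rule) the way the control test would report it."""
    reason = pairwise_rules(record)
    return ("FAIL", reason) if reason else ("PASS", None)


def forms_agree():
    """Compare both forms on all 16 combinations, either side of the cutoff."""
    for length in (LENGTH_FAIL_BELOW - 1, LENGTH_FAIL_BELOW):
        for flags in product((False, True), repeat=len(CRITERIA)):
            record = dict(zip(CRITERIA, flags), min_length=length)
            if (pairwise_rules(record) is None) != threshold_rule(record):
                return False
    return True


if __name__ == "__main__":
    # Constructed sample record, not real proof data.
    sample = {"min_length": 16, "symbol": False, "number": True,
              "lower_case": True, "upper_case": False}
    print(evaluate(sample))
    print("pairwise rows match 3-of-4 threshold:", forms_agree())
```
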
Below is an image depicting what the automated control test would look like.