To provide best-practices and  to ensure CJIS compliance, a Password Reset Portal is bundled with the JusticeConnect Server to allow users of any CMI product to easily and securely reset a password from anywhere.

CJIS POLICY SPECIFICS

5.6.2.1 Standard Authenticators
Authenticators are (the something you know, something you are, or something you have) part of the identification and authentication process. Examples of standard authenticators include passwords, tokens, biometrics, and personal identification numbers (PIN). Users shall not be allowed to use the same password or PIN in the same logon sequence. 

5.6.2.1.1 Passwords
Agencies shall follow the secure password attributes, below, to authenticate an individual’s unique ID.
Passwords shall:
1. Be a minimum length of eight (8) characters on all systems.
2. Not be a dictionary word or proper name.
3. Not be the same as the Userid.
4. Expire within a maximum of 90 calendar days.
5. Not be identical to the previous ten (10) passwords.
6. Not be transmitted in the clear outside the secure location. 
7. Not be displayed when entered.