Contact
This Password Policy aims to establish the guidelines and minimum requirements to create, manage, use and protect passwords in the information systems that FREMAP makes available to external users, and it is mandatory for all of them.
In order to ensure an adequate level of security, all passwords used to access FREMAP applications must meet, at least, the following criteria:
Passwords are strictly personal and non-transferable. The following is forbidden:
Passwords must be changed at least every 365 days or when there is suspicion or evidence of compromise, unauthorised access or a security breach.
The system will automatically block the account for 10 minutes after 3 consecutive failed attempts. The applications provide users with the means to reset their password online.
Failure to comply with this policy may result in:
This policy will be reviewed periodically to ensure its compliance with current legal, regulatory and technological requirements.
This Password Policy is established in accordance with the provisions of Royal Decree 311/2022, of 3 May, regulating the National Security Scheme (ENS), and, in particular, with the basic principles and protection measures relating to access control, authentication and credential protection, applicable to information systems that provide services or process information in public sector entities or collaborators thereof.