We are a consulting firm of about 20 employees and about to double in size in the next 3-6 months. Long story short, I have been asked to define a LastPass Password policy for our enterprise.
Is anyone willing to share what they have built, so I have a template and dont reinvent the wheel?
Here are some areas I planned to cover (open to suggestions here as well!) Some of these can be covered by LastPass policies...others need to be supported by humans.
-Password Generation
-Master Password
-Password duplication
-Use of Security Questions across instances
-Password "Owners"
-Password Sharing (when to share and when to mask password)
-Linking to Personal Accounts
-Password Reset Requirements (team change, etc.)