We are a consulting firm of about 20 employees and about to double in size in the next 3-6 months. Long story short, I have been asked to define a LastPass Password policy for our enterprise.
Is anyone willing to share what they have built, so I have a template and dont reinvent the wheel?
Here are some areas I planned to cover (open to suggestions here as well!) Some of these can be covered by LastPass policies...others need to be supported by humans.
-Password Generation -Master Password -Password duplication -Use of Security Questions across instances -Password "Owners" -Password Sharing (when to share and when to mask password) -Linking to Personal Accounts -Password Reset Requirements (team change, etc.)