Password Criteria

Developed By Angela

The best practices for complying with HIPAA password requirements include ensuring that passwords are at least eight characters long and enforcing the use of complex passwords. This can be achieved by requiring a combination of upper and lower case letters, numbers, and special characters.

In HIPAA, passwords are explicitly mentioned in the Administrative Safeguards of the Security Rule under the Standard relating to Security Awareness and Training (§164.308(5)). This standard includes implementation specifications relating to procedures for monitoring login attempts, and procedures for creating, changing, and safeguarding passwords.

In the registration forms created by Marco, I added a password pattern that checks for various criteria and a minimum length of 8. I made the password field required, added a title to inform users of the requirements, and created a message that appears as the user types. These changes were made in HTML. In CSS, I set the display of the message and assigned colors to the valid and invalid classes. Finally, in JavaScript, I programmed the functionality for validation and confirmation check.
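The criteria described above (minimum length of 8, upper and lower case letters, numbers, special characters, plus the confirmation check) can be expressed as one rule per criterion, as in the following added example. It is not the project's own code: the rule ids, labels, function names and sample passwords are assumptions. The functions have no DOM dependency, so the same checks can be repeated on the server, where they cannot be bypassed by editing the form.

```javascript
// Added example: rule ids, labels and function names are illustrative.
const MIN_LENGTH = 8;

// One rule per criterion so a UI can toggle a valid/invalid class per line while typing.
// Length is counted in code points, which is how a browser's `pattern` counts `.`.
// Note: "special" here means anything that is not an ASCII letter or digit (spaces included).
const RULES = [
  { id: "length",  label: `At least ${MIN_LENGTH} characters`, test: (p) => [...p].length >= MIN_LENGTH },
  { id: "lower",   label: "A lowercase letter",  test: (p) => /[a-z]/.test(p) },
  { id: "upper",   label: "An uppercase letter", test: (p) => /[A-Z]/.test(p) },
  { id: "digit",   label: "A number",            test: (p) => /[0-9]/.test(p) },
  { id: "special", label: "A special character", test: (p) => /[^A-Za-z0-9]/.test(p) },
];

// The same criteria as a single expression suitable for an <input pattern="..."> attribute.
const PATTERN = `(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[^A-Za-z0-9]).{${MIN_LENGTH},}`;

// Browsers match `pattern` against the whole value, so anchor it the same way here.
function matchesPattern(password) {
  return new RegExp(`^(?:${PATTERN})$`, "u").test(password);
}

// Returns which criteria failed and whether the confirmation field matches.
function checkPassword(password, confirmation) {
  const failed = RULES.filter((rule) => !rule.test(password)).map((rule) => rule.id);
  const matches = password === confirmation;
  return { failed, matches, ok: failed.length === 0 && matches };
}

// Constructed sample inputs: [password, confirmation].
const SAMPLES = [
  ["Spring2024!", "Spring2024!"],
  ["spring2024!", "spring2024!"],
  ["Ab1!", "Ab1!"],
  ["Spring2024!", "Spring2024"],
];

for (const [password, confirmation] of SAMPLES) {
  const result = checkPassword(password, confirmation);
  console.log(JSON.stringify(password), result.ok ? "accepted" : "rejected",
    "failed:", result.failed.join(",") || "none", "confirmation matches:", result.matches);
}
```
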