Passbolt Usage Policy
Policy Brief
Passbolt is a password management tool that helps you remember and manage all your passwords. All passwords for work-related accounts must be stored in Passbolt. To ensure correct usage of Passbolt, we enforce a few rules about which credentials may be put into Passbolt.
Scope
This policy applies to all crew (full-time, temporary, and interns) who use Agate’s Passbolt service.
Policy Elements
Passbolt Passphrase Criteria
The passphrase criteria in this policy apply to the passphrase used to access your Passbolt account. For the password criteria for other accounts, refer here: Password Creation
Passphrase criteria:
- Strength: Very strong (full green bar)
- Use 16 or more characters for your passphrase.
- Use an easy-to-remember sentence (slang is preferable).
- Use at least one number in each word of your passphrase to mask the word, e.g. hello → h3ll0 (two or three numbers per word is good).
- Use a combination (at least one of each) of upper case, lower case, and symbols in your passphrase. The more unusual the symbol, the better (e.g. # % & @).
- Examples of passphrases that follow the criteria above:
  1234567890123456 hey!janganlupaya kukuk4k1kuk4ku!! j4ng4nt4ny4k4p4nn1k4h? sp0nb0b&p4tr1k?? 0hay0ugoz4im4su!
- Another option is a random gibberish sequence of letters and numbers plus at least one symbol. Examples of passphrases that follow this option:
  dfghjk87654CVBNM! ZXCV!@#$7890VBNM qwertYUIOP!@34567
Credential Type
What to put in Passbolt
- Agate Office365 account credentials
- All account credentials registered using your @agate.id email. This may include your Unity account, App Store account, Agate Google Account (registered following this SOP: [How to Create Google Account with Agate Email](How to Create Google Account with Agate Email 3d54e114a41b4204b0d596c7669e5e66.md)), etc.
- All work-related account credentials that do not use an email, e.g. accounts that log in with a username or ID. This may include the Agate website WordPress account, GoDaddy account, etc.
- Work-related account credentials that are not registered using an @agate.id email. This may include a Gmail account used for QA purposes, etc.
- Any other work-related account credentials not covered by the points above
What NOT to put in Passbolt
- Personal Gmail account credentials
- Personal Facebook account (even if it is used as the Facebook login on business.facebook.com)
- Personal gaming accounts
- Personal bank PIN
- Any other personal, non-work-related account credentials
Credential Sharing
- When you need to share an account credential with another crew member, use Passbolt's password sharing feature. By sharing via Passbolt, Agate can track which crew the credential has been shared with.
- Do NOT share credentials via copy-pasting, Teams, WA, email, etc. These channels can be intercepted and are commonly compromised.
- If a team needs the same credential, create a group for that team. You can then share the password with the group.
- Details on how to use credential sharing can be found here: @ passbolt SOP
- Alternative documentation: https://help.passbolt.com/faq/start/share-password
Password Rotation
Password rotation means changing/resetting a password to a new one.
- Crew must rotate their passwords every 3 months. In Passbolt, crew can see the list of credentials that have not been changed in more than 3 months.
- Do not reuse any of your 10 previous passwords when changing your password.
- When a crew member moves to another team/division, reset that team/division's specific credentials.
- When a crew member graduates, remove their credential access.
Thanks to the password sharing feature, all crew who hold a shared credential receive an email notification when its password is changed, and the new password is automatically updated in their Passbolt.