3.1.9. Establish procedures for having all users change their passwords.




 

A password compromise may force the organization to require all users of an application, system, or trust domain—or perhaps the entire organization—to change their passwords.