Legal docs for password policies

0 Votes

Legal docs for password policies

I'm IT consultant and one of my clients, whom I manage network for, does not want to obey password policies for certain user accounts - basically he wants some passwords to stay always the same.
My policies require periodical changes of all user's network passwords as those are also used for the remote connection.

I'm looking for some legal documents that I could give to the client to sign, so I'm covered in case of security breach due to those passwords.

Can anyone help here?