This is good news to users of Google Apps Premier Edition, like Genentech.

The Premier version of Google Apps allows more control over the passwords that their users can choose. This applies to the whole suite of applications under Google Apps, including Gmail, Docs, and Spreadsheets.

Google Apps administrators can now set a minimum password length and will be able to see how strong each user’s password remains over time.

They can then suggest users change the passwords if they are too weak, such as using their own name, common names in a dictionary, or if the passwords is too short. You can easily see the password strength by the visual thermometer gauge as you type in a password.

“Customers were asking for this”, said Eran Feigenbaum, Director of Security for Google Apps.

What kind of policy settings or password complexity should you follow?

Password Policy Guidelines

A Policy Setting should have the following:

• Enforce password history: 3 passwords remembered
• Maximum password age: 90 days
• Minimum password age: 0 days
• Minimum password length: 8 characters
• Password must meet complexity requirements.

The password complexity requirements are:

• Not contain all or part of the user’s account name
• Be at least six characters in length
• Contain characters from three of the following four categories:
  • English uppercase characters (A through Z)
  • English lowercase characters (a through z)
  • Base 10 digits (0 through 9)
  • Non-alphabetic characters (for example, !, $, #, %)

It’s always a good reminder to set strong passwords and change them regularly between 90 – 120 days, even if it means adding or changing the last character in the password.