Password Requirements
- Use a unique generated password for every platform.
- Never reuse a personal password for company services.
- Prefer passkeys where supported and operationally recoverable.
- Store credentials only in the approved password manager.
Rotation Policy
Cloudberrie does not rotate strong passwords on an arbitrary short schedule. Rotate immediately when:
- A credential may have been exposed.
- An authorized person leaves or loses responsibility.
- A vendor reports a breach or suspicious activity.
- The password was reused, weak, shared insecurely or saved in an unapproved location.
- Platform access logs show unexplained activity.
After Rotation
- Update Apple Passwords.
- Revoke existing sessions and obsolete API tokens where supported.
- Retest MFA and recovery access.
- Record the reason and date in the protected entry.
- Update affected deployment secrets without placing them in source control.