Skip to additional navigation Skip to content

Response 3863981

Response to request for information

Reference

3863981

Response date

8 January 2026

Request

Please provide the following information/documents:

  1. A copy of (or extract from) your current policy that governs user authentication for citizen-facing online services.
  2. The specific password rules that apply when citizens create an account or perform a password reset. For example, password character minimum and maximum limits, special character enforcement.
  3. Whether MFA is offered or required for citizen-facing services, and, if so, what types are supported (e.g. SMS, email, or authenticator app).
  4. A brief description or document outlining how password resets or account recovery are handled for public users (e.g. email verification, security questions, or other processes).
  5. The date these policies were last reviewed or updated, and whether the policies align with any national or international guidance (e.g. NCSC, NIST SP 800-63, or ISO 27001).

Response

Rushcliffe Borough Council do not hold this information. Our citizen portals are provided by 3rd parties who have their own policies and procedures.

FOI Responses ICT 2026