HOME Cart(0) Quotation About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189760 (18 Oct 2025)

GB/T 38626-2020 PDF English

Q: Do you accept my currency other than USD?

Yes. https://www.ChineseStandard.us/products/GBT38626-2020 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

Q: How to buy and download a true PDF of English version of GB/T 38626-2020?

Answer: A step-by-step guide to download PDF of GB/T 38626-2020_English. Step 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD). Step 2: Search keyword 'GB/T 38626-2020'. Step 3: Click 'Add to Cart'. If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click 'Checkout'. Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: https://www.chinesestandard.net/Img/LDHowToStep1-3.jpg https://www.chinesestandard.net/Img/LDHowToStep4-6.jpg https://www.chinesestandard.net/Img/LDHowToStep7.jpg https://www.chinesestandard.net/Img/LDHowToStep8.jpg https://www.chinesestandard.net/Img/LDHowToStep9.jpg

US$170.00 · In stock · Download in 9 seconds
GB/T 38626-2020: Information security technology - Guide to password protection for intelligent connected device
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid

Standard ID	Contents [version]	USD	STEP2	[PDF] delivery	Name of Chinese Standard	Status
GB/T 38626-2020	English	170	Add to Cart	0-9 seconds. Auto-delivery	Information security technology - Guide to password protection for intelligent connected device	Valid

Excerpted PDFs (Download full copy in 9 seconds upon purchase)

PDF Preview: GB/T 38626-2020

Similar standards

GB/T 38628 GB/T 38638 GB/T 38671 GB/T 38625

GB/T 38626-2020: Information security technology - Guide to password protection for intelligent connected device

---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT38626-2020
GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Information security technology - Guide to password protection for intelligent connected device ISSUED ON: APRIL 28, 2020 IMPLEMENTED ON: NOVEMBER 01, 2020 Issued by: State Administration for Market Regulation; Standardization Administration of PRC.

Foreword ... 3 1 Scope ... 4 2 Normative references ... 4 3 Terms and definitions ... 4 4 Abbreviations ... 6 5 Overview ... 6 6 Account security ... 7 7 Password security ... 8 8 User security ... 9 Appendix A (Informative) Non-device local authentication method ... 11 References ... 12 Information security technology - Guide to password protection for intelligent connected device

1 Scope

This standard provides security technical guidelines for the generation, management, use of accounts and passwords for intelligent connected devices. This standard applies to the guidance of intelligent connected device manufacturers to secure design and implementation of password protection functions; it also applies to the supervision and inspection of the secure use of passwords for intelligent connected device.

2 Normative references

The following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) are applicable to this standard. GB/T 25069-2010 Information security technology - Glossary

3 Terms and definitions

The terms and definitions as defined in GB/T 25069-2010 as well as the following terms and definitions apply to this document. For ease of use, some terms and definitions in GB/T 25069-2010 are listed repeatedly below. 3.1 Intelligent connected device A device with the ability to access the network for communication, data perception, data storage, data processing and human-computer interaction. Note: Mainly refers to the end devices in the Internet of Things, including web cameras, smart home appliances, network set-top boxes, smart projectors, home routers, etc., excluding computers, mobile phones and other general computing devices. encryption function, which can be used to calculate password authentication data. [GB/T 25069-2010, definition 2.2.2.186]

4 Abbreviations

The following abbreviations apply to this document. API: Application Programming Interface ID: Identity IP: Internet Protocol

5 Overview

Due to the different access modes of intelligent connected devices, the implementation of password authentication can be divided into two types: - Equipment authentication: the password authentication process is carried out in the intelligent networked equipment. - Non-device local authentication: the process of password authentication is not carried out in intelligent networked equipment, including but not limited to user terminal authentication through cloud platform. See Appendix A for details. Non-device local authentication is essentially the platform that performs password authentication instead of intelligent connected devices. Therefore, the security technical requirements for account and passwords in this standard are applicable in both cases. The password is used as the authentication credential to be associated with the account as the user's identity. Account security is a very important part of the password authentication protection. This standard proposes protection rules and requirements from two aspects of account security and password security; meanwhile provides guidance on the secured use and management of account passwords for users. In this standard, once involving the use of cryptographic technology to solve the requirements of confidentiality, integrity, authenticity, non-repudiation, it shall follow the national and industry standards related to cryptography.

7 Password security

7.1 Password generation Matters of concern include: a) The automatically generated password is random, and the length is not less than 6 characters. b) The basic policy content that the password set by the user complies with is as follows: 1) The password length is not less than 8 characters; 2) The maximum allowed length of the password is not less than 64 characters; 3) The password contains at least two types of characters among numbers, lowercase letters, uppercase letters, special characters. c) For intelligent connected devices that use the activation mechanism in exit-factory configuration, when the user accesses the device for the first time, it needs to activate the device by setting a password for the device. Inactive devices refuse to operate other than activation. Note: "Activation" means that the user sets a password that meets the password complexity requirements when the device is used for the first time. d) For the intelligent networked devices that use the initial password in the exit-factory configuration, the initial password is randomly generated for each device; the user is reminded to modify the password every time they log in, until the initial password is modified. 7.2 Password usage Matters of concern include: a) Password transmission adopts secure transmission channel or encrypted transmission; b) By default, the password in the input box is hidden-displayed; c) The function that prohibits the password from being copied from the input box; d) The user cannot view his password after successfully logging in; e) The password authentication process has the function of preventing brute force cracking. If the wrong login attempts exceed the set number of times, the operating account is locked, or the IP is operated for a period of time. 7.3 Password management Matters of concern include: a) All passwords can be modified; hard-coded passwords cannot be used; b) Before the user changes the password, provide the function of verifying the old password and reconfirming the new password; c) Encryption is required when storing passwords; d) The stored password has an anti-cracking mechanism, including but not limited to salt; e) Restrict access to and modification of password files, including but not limited to using the access control function of the operating system; f) Cannot read the password plaintext through the user interface or API; g) Provide the function of restoring the device to the exit-factory state through physical buttons or other security methods when the account or password is forgotten; h) The password complexity strategy is configurable, allowing administrators to configure enhanced password complexity strategies according to application scenarios; i) Have the ability to display the security strength of the password. 7.4 Log All users' operations on passwords are recorded in logs. The contents of the logs include user ID, IP address, operation time, operation content, operation result and other information.

8 User security

Matters of concern include: ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.

Tips & Frequently Asked Questions

Question 1: How long will the true-PDF of English version of GB/T 38626-2020 be delivered?

Answer: The full copy PDF of English version of GB/T 38626-2020 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.

Question 2: Can I share the purchased PDF of GB/T 38626-2020_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 38626-2020_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. www.ChineseStandard.us -- GB/T 38626-2020 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

How to buy and download a true PDF of English version of GB/T 38626-2020?

A step-by-step guide to download PDF of GB/T 38626-2020_English

Step 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GB/T 38626-2020".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.
See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9