a. What was the traditional recommendation for passwords?

20a.) Traditionally, we have told users that passwords ________.

a. Should have a mix of characters (uppercase and lowercase letters, digits, other keyboard characters)

b. Should be easy to remember

c. Both A and B

d. Neither A nor B

b. What is the U.S. National Institute of Standards and Technology’s new recommendation?

20b1.) For reusable passwords, NIST now recommends ________.

a. That passwords be easy to remember

b. That passwords should be changed monthly

c. Both A and B

d. Neither A nor B

20b2.) For reusable passwords, NIST now recommends ________.

a. That passwords be easy to remember

b. That passwords be long phrases instead of being about 8-12 characters long

c. Both A and B

d. Neither A nor B

c. What two benefits should this new recommendation bring?

d. Is it still important not to use the same password at multiple sites?

20d.) NIST guidelines for reusable passwords permit ________.

a. Entirely lower-case passwords

b. The use of the same password at different sites

c. Both A and B

d. Neither A nor B

e. Why is it undesirable to use reusable passwords for anything but the least sensitive assets?

20e.) For sensitive assets, reusable passwords ________.

a. Should be especially long

b. Should contain a truly complex mixture of characters

c. Should be difficult to remember

d. Should not be used

f. Why are other forms of authentication being created?

20f.) Biometrics and other new authentication methods are being created with the goal of getting rid of reusable passwords.

a. True

b. False