Question: A small business has a problem with password reuse. They have tried to implement a new password policy that requires users to have long random
A small business has a problem with password reuse. They have tried to implement a new password policy that requires users to have long random passwords, but compliance is low because people are unable to memorise their passwords. The biggest threat to the business is remote attackers using automated password guessing tools that are fed with username and password combinations from previous data-breaches. Which of the following strategies would improve password complexity, compliance and provide the greatest protection from remote, automated attacks?
A small business has a problem with password reuse. They have tried to implement a new password policy that requires users to have long random passwords, but compliance is low because people are unable to memorise their passwords. The biggest threat to the business is remote attackers using automated password guessing tools that are fed with username and password combinations from previous data-breaches. Which of the following strategies would improve password complexity, compliance and provide the greatest protection from remote, automated attacks? Staff required to add at least 3 random characters to each of their passwords ( 1 digit, 1 upper-case and 1 special character) Scheduled password changes are enforced at an enterprise level but without requirements on the complexity of the password. NIST recommends that password requirements are scrapped. Staff must pick a long and completely random password. But they are allowed to write down their passwords in a notebook stored in a secure place. IT-Security department assigns passwords that meet the complexity requirements then the end-user must change their password on the next-login
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help