Company policy requires the use if passphrases instead if passwords.
Which of the following technical controls MUST be in place in order to promote the use of passphrases?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The correct answer is B. Length.
Passphrases are essentially longer and more complex passwords that are made up of multiple words or phrases. They are considered more secure than traditional passwords because they are harder to crack, particularly when they are of sufficient length. Passphrases are therefore a suitable alternative to traditional passwords in environments where security is a top priority.
To promote the use of passphrases, it is important to ensure that technical controls are in place that support this policy. The four technical controls that are commonly used to enforce password policies are:
A. Reuse: This control ensures that users cannot reuse old passwords when creating new ones. This helps prevent attackers from gaining access to an account by using a previously stolen password. However, it is not directly related to promoting the use of passphrases.
B. Length: This control requires that passwords meet a minimum length requirement. This control is essential for promoting the use of passphrases, as passphrases are generally longer than traditional passwords. For example, a passphrase may be a sentence or combination of words, such as "MyFavoriteFoodIsPizza." This control should be set to a minimum of 12 to 16 characters, to ensure that the passphrase is long enough to be secure.
C. History: This control ensures that users cannot reuse a previous password for a set period of time. It is similar to the "reuse" control, but focuses on preventing users from switching back and forth between different passwords. While this control is still important for security, it is not directly related to promoting the use of passphrases.
D. Complexity: This control requires that passwords include a combination of different character types, such as uppercase and lowercase letters, numbers, and special characters. While this control can be used to promote stronger passwords, it is not directly related to promoting the use of passphrases.
In summary, the technical control that MUST be in place to promote the use of passphrases is length. By requiring a minimum length for passwords, organizations can encourage users to create longer and more complex passphrases, which are more secure than traditional passwords.