Understanding the Password Policy and Best Practices
Question
The IT department has established a new password policy for employees.
Specifically, the policy reads: -> Passwords must not contain common dictionary words -> Passwords must contain at least one special character.
-> Passwords must be different from the las six passwords used.
-> Passwords must use at least one capital letter or number.
Which of the following practices are being employed? (Choose two.)
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E. F.BD.
The two password policies being employed here are Password Complexity and Password History.
Password Complexity: This policy mandates that passwords must not contain common dictionary words, passwords must contain at least one special character, and passwords must use at least one capital letter or number. These requirements make it harder for hackers to guess passwords and improve overall password security.
Password History: This policy requires that passwords must be different from the last six passwords used. This policy ensures that employees do not reuse old passwords, which can make it easier for attackers to gain access to sensitive information.
The other password policies listed in the answer choices are:
A. Password lockout: This policy locks out an account after a certain number of failed login attempts. This is not being employed in the given scenario.
C. Password expiration: This policy requires users to change their password after a certain amount of time. This is not being employed in the given scenario.
E. Password length: This policy mandates a minimum length for passwords. This is not being employed in the given scenario.
F. Password age: This policy requires users to change their password after a certain amount of time. This is not being employed in the given scenario.
Therefore, the correct answers are B. Password complexity and D. Password history.
