When setting password rules, which of the following would lower the level of security of a network?
A.
All passwords are set to expire at regular intervals and users are required to choose new
passwords that have not been used before.
B.
After a set number of failed attempts the server will lock out any user account forcing the user
to call the administrator to re-enable the account.
C.
Passwords must be greater than six characters and contain at least one non-alpha.
D.
Complex passwords that users can not remotely change are randomly generated by the
administrator and given to users
Explanation:
If a user gets a difficult password that they can’t remember, there’s a certain chance that they will
forget the password or compromise security by writing down their password on a Post It note on
their keyboard. Since the user won’ be able to reset the password themselves they’ll have to make
regular trips to help desk for a new password, and with regular disgruntled users getting emotional
over passwords, the risk of social engineering increases.