ALL >> Computer-Programming >> View Article
Establishing Account And Password Requirements For Information Security
Guidelines for Designing a Strong Password Policy
There are many recommendations for the Windows XP Professionalsettings that can be made in the physical password policy. Which one should be chosen and why? Follow these guidelines when designing password policy:
Consider the restrictions placed on authentication algorithms.If LM is refused and an LM password hash is not stored in the password database, pass-words are harder to crack. Where LM passwords are allowed and stored, longer passwords can be used to negate the ease of cracking LM.
Require the use of complex passwords. Leave the password policy Passwords Must Meet Complexity Requirements enabled.
Consider the history requirement and the maximum password age requirement together. Setting a maximum password age of 30 days and a
password history of 12 might allow a user to create a favorite password for each month of the year—something like "CococoOl, Cococo02, Cococo03, and so on,"
where the number in the password represents the month of the year. These passwords are complex ...
... by the complexity standard and are different, but by knowing
one of them just as the user does, an attacker can figure out what the policy is on MCP certification
almost every clay of the year. (On the other days, she is only a digit away from success. Two guesses are all that's necessary.Set an account lock out policy. But don't make your settings so restrictive that the average person can lock himself out by simply fumble-fingering his password a couple of times. More information about this subject is included in the topic that follows.
Consider the history requirements and the minimum password age requirement together. Setting a history requirement does no good if the user does not have to wait before changing her password. The user can just cycle through as many passwords as necessary to return to her favorite previously used
password. If a minimum password age requirement is used, the user can still cycle passwords but must do so over an extended period of time. For most users, this will not be attempted.
Do not enable Store Passwords Using Reversible Encryption unless you have a specific business reason to do so. If you must provide access to users
who must use systems that cannot use the Windows algorithm, provide this access by using the setting on the individual user account.Do set, or leave on, the security option Prompt User To Change Password Before Expiration. Most people find it easier to change passwords before they absolutely must do so. If this setting is not enabled, users are not warned and will suddenly have to change their password. This might
free Microsoft exam questionsresult in them having to do so under stress.
Add Comment
Computer Programming Articles
1. Which Institute Is Best For Coding And Programming In Bhopal?Author: Shankar Singh
2. Top 9 Benefits Of Custom Mobile Application Development
Author: Byteahead
3. Top 10 Creative Business Ideas For Entrepreneurs
Author: Byteahead
4. Top 10 Apps Like Tiktok Everyone Should Check Out
Author: Byteahead
5. Is The Apple Watch Series 7 Worth It For Seniors?
Author: Ashish
6. The Ultimate Guide To Ebay Product Listing Services: Elevate Your Online Store
Author: rachelvandereg
7. Which Are The Best Java Coding Classes In Bhopal?
Author: Shankar Singh
8. Warehouse Management In Zambia: Essential Features To Look For
Author: Doris Rose
9. Ecommerce Web Design And Development In Melbourne With The Merchant Buddy
Author: themerchantbuddy
10. Why Website Maintenance Is Crucial For Business Success
Author: Yogendra Shinde
11. Boost Your Business With Smart Invoice Pos Software In Zambia
Author: Cecilia Robert
12. How Stablecoin Development Ensures Stability And Security?
Author: Michael noah
13. Công Cụ Tính Chiều Cao Chuẩn Từ Minbin Tool: Đo Lường Và Cải Thiện Chiều Cao Hiệu Quả
Author: KenJi123
14. How To Make A Courier App For Courier Delivery And Tracking Service
Author: Deorwine Infotech
15. Reputation Management In The Digital Age: Protecting And Enhancing Your Law Firm’s Image
Author: jamewilliams