ALL >> Computer-Programming >> View Article
Establishing Account And Password Requirements For Information Security
Guidelines for Designing a Strong Password Policy
There are many recommendations for the Windows XP Professionalsettings that can be made in the physical password policy. Which one should be chosen and why? Follow these guidelines when designing password policy:
Consider the restrictions placed on authentication algorithms.If LM is refused and an LM password hash is not stored in the password database, pass-words are harder to crack. Where LM passwords are allowed and stored, longer passwords can be used to negate the ease of cracking LM.
Require the use of complex passwords. Leave the password policy Passwords Must Meet Complexity Requirements enabled.
Consider the history requirement and the maximum password age requirement together. Setting a maximum password age of 30 days and a
password history of 12 might allow a user to create a favorite password for each month of the year—something like "CococoOl, Cococo02, Cococo03, and so on,"
where the number in the password represents the month of the year. These passwords are complex ...
... by the complexity standard and are different, but by knowing
one of them just as the user does, an attacker can figure out what the policy is on MCP certification
almost every clay of the year. (On the other days, she is only a digit away from success. Two guesses are all that's necessary.Set an account lock out policy. But don't make your settings so restrictive that the average person can lock himself out by simply fumble-fingering his password a couple of times. More information about this subject is included in the topic that follows.
Consider the history requirements and the minimum password age requirement together. Setting a history requirement does no good if the user does not have to wait before changing her password. The user can just cycle through as many passwords as necessary to return to her favorite previously used
password. If a minimum password age requirement is used, the user can still cycle passwords but must do so over an extended period of time. For most users, this will not be attempted.
Do not enable Store Passwords Using Reversible Encryption unless you have a specific business reason to do so. If you must provide access to users
who must use systems that cannot use the Windows algorithm, provide this access by using the setting on the individual user account.Do set, or leave on, the security option Prompt User To Change Password Before Expiration. Most people find it easier to change passwords before they absolutely must do so. If this setting is not enabled, users are not warned and will suddenly have to change their password. This might
free Microsoft exam questionsresult in them having to do so under stress.
Add Comment
Computer Programming Articles
1. Which Are The Best Java Coding Classes In Bhopal?Author: Shankar Singh
2. Warehouse Management In Zambia: Essential Features To Look For
Author: Doris Rose
3. Ecommerce Web Design And Development In Melbourne With The Merchant Buddy
Author: themerchantbuddy
4. Why Website Maintenance Is Crucial For Business Success
Author: Yogendra Shinde
5. Boost Your Business With Smart Invoice Pos Software In Zambia
Author: Cecilia Robert
6. How Stablecoin Development Ensures Stability And Security?
Author: Michael noah
7. Công Cụ Tính Chiều Cao Chuẩn Từ Minbin Tool: Đo Lường Và Cải Thiện Chiều Cao Hiệu Quả
Author: KenJi123
8. How To Make A Courier App For Courier Delivery And Tracking Service
Author: Deorwine Infotech
9. Reputation Management In The Digital Age: Protecting And Enhancing Your Law Firm’s Image
Author: jamewilliams
10. What Features Should I Look For In Wordpress Ecommerce Plugins?
Author: Rocket Press
11. Staying Updated With The Latest Gaming News
Author: Next Tech Plus
12. Game Development: Evolving Technologies And New Horizons
Author: Rick John
13. Why Svelte Is The Most In-demand Framework For Web Development?
Author: Why Svelte Is The Most In-Demand Framework For Web
14. Maximizing Ebay Sales With Maropost/neto And Pursuit Info Solutions
Author: rachelvander
15. The Importance Of Software Testing: Ensuring Quality In Development
Author: John Mathew