A company is updating its password policy to enhance security. Which of the following password requirements will MOST effectively improve the security of user accounts?
You selected this option
At least 10 characters in length using only alphabetic characters
You selected this option
At least 8 characters including one uppercase letter and one number
You selected this option
Mandating regular password changes every 30 days
You selected this option
A minimum of 14 characters, including upper and lower case letters, numbers, and symbols
The correct answer is 'A minimum of 14 characters, including upper and lower case letters, numbers, and symbols.' This answer is correct because it aligns best with the industry best practices that recommend the use of long passwords with a mix of various character types to increase the complexity and make it more resistant to brute-force attacks. Shorter passwords with fewer character requirements, such as 'At least 8 characters including one uppercase letter and one number' and 'At least 10 characters in length using only alphabetic characters,' are easier for attackers to guess or crack using automated tools. 'Mandating regular password changes every 30 days' does not necessarily increase complexity and can lead to weaker passwords if users only make minimal changes to their previous passwords or begin writing passwords down to remember the frequent changes.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is having a minimum of 14 characters in a password important?
Open an interactive chat with Bash
What are brute-force attacks and how do they relate to password security?
Open an interactive chat with Bash
What character types should be included in a strong password?