As an IT manager, you have been tasked with reviewing the company's password policies to ensure they align with best practices for security. Upon examination, you find out that the policy requires all employees to change their passwords every 90 days. What change would you recommend to improve password security effectively while balancing user convenience?
Mandate that all users create passwords with a minimum length of 30 characters.
Remove the password expiration policy and allow users to keep passwords indefinitely.
Shorten the password expiration period to require changes every 45 days.
Implement multi-factor authentication and increase password complexity requirements.
The most effective change to improve password security while considering user convenience is to increase the complexity of the passwords and implement multi-factor authentication. Frequent password changes can often lead to weaker passwords as users may choose easier to remember (and guess) passwords or make minor alterations to their existing ones. By increasing the complexity and using multi-factor authentication, a stronger security posture is achieved without unnecessary frequency in password changes that often leads to diminished security.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is multi-factor authentication, and why is it important for security?
Open an interactive chat with Bash
What are strong password complexity requirements?
Open an interactive chat with Bash
How can frequent password changes affect user behavior and security?