123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

The Limitations Of Technical Controls

Profile Picture
By Author: Alyssa
Total Articles: 128
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Where technical controls can be used to enforce password policy, they should be used. However, the designer should understand their limitations:

• The password complexity requirement might not provide any additional security unless users are trained in producing strong passwords. Using this control will force users to create passwords using characters, numbers, and symbols, and this will prevent casual password guessing. However, password-cracking products can quickly crack some these combinations, especially if they are able to use the LM password hash.

• Users might write down passwords in easily discovered places. This is especially true where passwords must be complex, long, and change frequently. Research has shown that seven is the maximum number of letters or numbers that most people can easily remember.

See Also Bell Labs did a lot of research on memory in the early days of telephones. One thing that the company learned was that the optimum number of digits people could remember was seven. This is why, at least in the United States, telephone numbers are seven digits long. ...
... You can read more at certification provider(http://www.buyitexam.com).

• Users might share passwords with co-workers.

If one character in the password is changed before submitting it as a new pass-word, the operating system sees it as a new password. The history requirement will not prevent this type of password reuse. To an attacker who knows an old password, the obvious strategy when refused its use is to change one character and try again. Attackers know the typical user will change the last character because this change is more easily remembered.

Users forget their password and must have it reset. This means somebody must have the power to do so for them. The typical resource for password changes is the Help Desk. A strong Help Desk policy, training, and enforcement practice must be used to ensure that this privilege is not abused.

• If a password is administratively reset, the user must change his password because the person who reset it also knows it. This can be forced by setting the account

property User Must Change Password At Next Logon. However, if this is not set, the user might not remember to change her password on her own. The individual who resets the password might realize this and use the opportunity to take advantage of a MCSA Exam(http://www.mcsa-70-290.com).

There is no technical control to enforce a user-by-user change in password strength policy. Often various areas of the organization have different needs for stronger passwords. Administrators and those with access to sensitive information should be required to use stronger passwords. However, there is no technical way to do so. The need to use one password policy per domain weakens the policy.

Planning A domain can have only one password policy. Separate password policies can be configured in GPOs linked to OUs. However, that policy will affect only the local account database of the computers that reside in the domain.

If one character in the password is changed before submitting it as a new pass-word, the operating system sees it as a new password. The history requirement will not prevent this type of password reuse. To an attacker who knows an old password, the obvious strategy when refused its use is to change one character and try again. Attackers know the typical user will change the last character because this change is more easily remembered.

Users forget their password and must have it reset. This means somebody must have the power to do so for them. The typical resource for password changes is the Help Desk. A strong Help Desk policy, training, and enforcement practice must be used to ensure that this privilege is not abused.

• If a password is administratively reset, the user must change his password because the person who reset it also knows it. This can be forced by setting the account

property User Must Change Password At Next Logon. However, if this is not set, the user might not remember to change her password on her own. The individual who resets the password might realize this and use the opportunity to take advantage of that knowledge.

There is no technical control to enforce a user-by-user change in password strength policy. Often various areas of the organization have different needs for stronger passwords. Administrators and those with access to IT certification(http://www.buyitexam.com) should be required to use stronger passwords. However, there is no technical way to do so. The need to use one password policy per domain weakens the policy.

Planning A domain can have only one password policy. Separate password policies can be configured in GPOs linked to OUs. However, that policy will affect only the local account database of the computers that reside in the domain.

Total Views: 187Word Count: 804See All articles From Author

Add Comment

Computers Articles

1. 5 Must-have Features For Your Support Portal Solution
Author: Maulik Shah

2. What Are Apis And How To Protect Api Vulnerabilities?
Author: sowmya

3. How Fraud Detection System (fds) Works With Ai Technology
Author: sowmya

4. What Are Cyber-physical Attacks And How Dangerous Are They?
Author: sowmya

5. What Is Ransomware Forensics
Author: sowmya

6. How Does A Penetration Testing Service Work?
Author: sowmya

7. The Most Effective Method To Secure An Ecommerce Website
Author: sowmya

8. How To Make Your Computer Run Like New
Author: Vikas

9. Hubbroker : Championing Agility: Leading The Industry Through Ecosystem Integration
Author: Jenna Shah

10. What One Needs To Figure Out About Laptops
Author: subhan basha

11. Ip For High Performance Computing-socs For Artificial Intelligence-high Speed Chip-to-chip Interface Protocol
Author: Guru

12. 3 Major Challenges That An It Helpdesk Agent Faces And How To Resolve Them
Author: Maulik Shah

13. How To Keep Your Important Files Safe
Author: Isabella Whitmore

14. Ransomware Detection Through Threat Hunting
Author: sowmya

15. Advantages Of Cloud Infrastructure Security
Author: sowmya

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: