123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

The Limitations Of Technical Controls

Profile Picture
By Author: Alyssa
Total Articles: 128
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Where technical controls can be used to enforce password policy, they should be used. However, the designer should understand their limitations:

The password complexity requirement might not provide any additional security unless users are trained in producing strong passwords. Using this control will force users to create passwords using characters, numbers, and symbols, and this will prevent casual password guessing. However, password-cracking products can quickly crack some these combinations, especially if they are able to use the LM password hash.

Users might write down passwords in easily discovered places. This is especially true where passwords must be complex, long, and change frequently. Research has shown that seven is the maximum number of letters or numbers that most people can easily remember.

See Also Bell Labs did a lot of research on memory in the early days of telephones. One thing that the company learned was that the optimum number of digits people could remember was seven. This is why, at least in the United States, telephone numbers are seven digits long. You can read ...
... more at certification provider(http://www.buyitexam.com).

Users might share passwords with co-workers.

If one character in the password is changed before submitting it as a new pass-word, the operating system sees it as a new password. The history requirement will not prevent this type of password reuse. To an attacker who knows an old password, the obvious strategy when refused its use is to change one character and try again. Attackers know the typical user will change the last character because this change is more easily remembered.

Users forget their password and must have it reset. This means somebody must have the power to do so for them. The typical resource for password changes is the Help Desk. A strong Help Desk policy, training, and enforcement practice must be used to ensure that this privilege is not abused.

If a password is administratively reset, the user must change his password because the person who reset it also knows it. This can be forced by setting the account

property User Must Change Password At Next Logon. However, if this is not set, the user might not remember to change her password on her own. The individual who resets the password might realize this and use the opportunity to take advantage of a MCSA Exam(http://www.mcsa-70-290.com).

There is no technical control to enforce a user-by-user change in password strength policy. Often various areas of the organization have different needs for stronger passwords. Administrators and those with access to sensitive information should be required to use stronger passwords. However, there is no technical way to do so. The need to use one password policy per domain weakens the policy.

Planning A domain can have only one password policy. Separate password policies can be configured in GPOs linked to OUs. However, that policy will affect only the local account database of the computers that reside in the domain.

If one character in the password is changed before submitting it as a new pass-word, the operating system sees it as a new password. The history requirement will not prevent this type of password reuse. To an attacker who knows an old password, the obvious strategy when refused its use is to change one character and try again. Attackers know the typical user will change the last character because this change is more easily remembered.

Users forget their password and must have it reset. This means somebody must have the power to do so for them. The typical resource for password changes is the Help Desk. A strong Help Desk policy, training, and enforcement practice must be used to ensure that this privilege is not abused.

If a password is administratively reset, the user must change his password because the person who reset it also knows it. This can be forced by setting the account

property User Must Change Password At Next Logon. However, if this is not set, the user might not remember to change her password on her own. The individual who resets the password might realize this and use the opportunity to take advantage of that knowledge.

There is no technical control to enforce a user-by-user change in password strength policy. Often various areas of the organization have different needs for stronger passwords. Administrators and those with access to IT certification(http://www.buyitexam.com) should be required to use stronger passwords. However, there is no technical way to do so. The need to use one password policy per domain weakens the policy.

Planning A domain can have only one password policy. Separate password policies can be configured in GPOs linked to OUs. However, that policy will affect only the local account database of the computers that reside in the domain.

Total Views: 424Word Count: 804See All articles From Author

Add Comment

Computers Articles

1. 00al556 Ibm 550-watts Platinum Power Supply For X3650 M4: Reliable And Energy-efficient Power For Enterprise Servers
Author: Server Tech Central

2. Iot Identity And Access Management (iam) Market : Driving Secure Innovation In Connected Ecosystems
Author: Umangp

3. Why Should You Plan Blinkit Onboarding Before Market Expansion And How Can Zane Marketing Help You Grow Faster
Author: Zane Marketing

4. Customer Identity And Access Management (ciam) Market : Strengthening Security And Customer Trust
Author: Umangp

5. How To Start Your Website Redesign Project?
Author: brainbell10

6. Sap Compliance In Manufacturing: Closing The Gaps Grc Leaves Behind
Author: Mansoor Alam

7. Speech Analytics Market : Unlocking Actionable Insights From Customer Conversations
Author: Umangp

8. Data Preparation Tools Market: How Ai And Cloud-based Solutions Are Transforming Modern Data Workflows
Author: Umangp

9. How To Setup And Create Instagram Ads?
Author: brainbell10

10. Why Digital Business Cards Are The Future Of Professional Networking
Author: WhyTap

11. End To End Sataware Product Development Is The Process Of Identifying Market Opportunities To Hire Flutter Developer, Connecting User Needs And Requir
Author: brainbell10

12. Dynamics Nav To Business Central Upgrade Guide
Author: brainbell10

13. Data Governance Framework: Building Trust In The Digital Age
Author: Umangp

14. A Complete Guide To Dynamics 365 Warehouse Management
Author: brainbell10

15. Conversational Ai In Intelligent Contact Centers: Market Outlook And Future Growth To 2028
Author: Umangp

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: