Use of passwords expiration feature in data communication systems is unpopular. Explain two limitations of this feature

      

Use of passwords expiration feature in data communication systems is unpopular. Explain two limitations of this feature

  

Answers


Faith
-Productivity Impact
password handling is an unproductive, “overhead” activity whose impact should be minimized for practical reasons. Yet the traditional password changing process is one of the more challenging tasks a user must face.

-Password sequences
Another common strategy is for users to choose passwords out of a series (“secret01” “secret02” “secret03” and so on). This easily and conveniently satisfies the system’s demand for a new password whenever it might happen, and Cathy only has to remember the base word (“secret”) and the number she’s used most recently. If she forgets what number she’s on, she can probably guess it while making only a couple of unsuccessful attempts. Unfortunately, the same is true for an attacker.

-Writing passwords down
After facing troubles memorizing random passwords and constructing passwords from pieces of text, users often fall back on paper: they write the password down and keep it in a convenient place. This often happens even when local rules forbid it:

-Expiration in password policies
Even though password expiration is a burden on the user community that often has either a negative effect, or no effect, on site security, it currently plays a prominent role in password management policies.
Guideline that described how to compute the “strength” of a password in terms of how hard it was to guess through trial and error. The implicit logic of the Guideline’s approach is that you can always make a password stronger by making it longer and/or using a larger character set. By implication, you ensure the passwords are strong by requiring a mixture of upper- and lower-case letters, digits, and punctuation marks. The mixture suggests that the user hasn’t simply picked a memorable word that might be in a dictionary, even though the user probably won’t need to write the memorable word down.

-Strong Authentication
As a practical matter, most organizations don’t spend money on security until after they’ve suffered a significant loss.
If a site relies on computer-based authentication to protect valuable resources, then it really needs to use a stronger technology than passwords.

Titany answered the question on November 30, 2021 at 12:29


Next: Joan was requested to patch communication software in her company’s computers. Explain two reasons that could have influenced the request
Previous: Wireless networks are commonly used in business firms. Outline four benefits of the network

View More Data Communication and Networking Questions and Answers | Return to Questions Index


Exams With Marking Schemes

Related Questions