PASSWORD POLICY

Description

Password policies, procedures, and security methods.
Flashcards by Shantal K Green, updated more than 1 year ago
Created by Shantal K Green almost 4 years ago

Resource summary

| Question | Answer |
| --- | --- |
| PASSWORD POLICY | A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. |
| PASSWORD COMPLEXITY | Account lockout is a feature of password security in Windows 2000 and later that disables a user account when a certain number of failed logons occur due to wrong passwords within a certain interval of time. |
| PASSWORD LENGTH | A minimum length of eight characters with a limit of anywhere from 16 to 64 characters or possibly even higher; the inclusion of both uppercase and lowercase letters with case sensitivity; the use of at least one number; and the use of at least one special character. |
| PASSWORD HISTORY | Password history determines the number of unique new passwords that have to be associated with and used by a user before an old password can be reused again. This enables administrators to enhance security by ensuring that old passwords are not reused continually. |
| MINIMUM AND MAXIMUM PASSWORD AGES | The Maximum password age policy setting determines the period of time (in days) that a password can be used before the system requires the user to change it. ... If Maximum password age is set to 0, Minimum password age can be any value between 0 and 998 days. |
| PASSWORDS ENFORCED BY USING GROUP POLICIES | In the Group Policy editor, you can set minimum and maximum password length and ages, history, complexity, and store them using reversible encryption. |
| PASSWORD ATTACK METHODS | BRUTE FORCE ATTACK; DICTIONARY ATTACK; PHISHING; RAINBOW TABLE ATTACK; KEYLOGGER; CREDENTIAL STUFFING; PASSWORD SPRAYING; PASSWORD RESET TOOL |
| CREDENTIAL STUFFING | Hackers use lists of stolen usernames and passwords in combination on various accounts, automatically trying over and over until they hit a match. |
| PASSWORD SPRAYING | Tries thousands if not millions of accounts at once with a few commonly used passwords. |
| KEYLOGGER | Install a program on users' endpoints to track all of a user's keystrokes. |
| RAINBOW TABLE ATTACK | Compiles a list of pre-computed hashes. It already has the mathematical answers for all possible password combinations for common hash algorithms. |
| PHISHING | Disguise their phishing attacks as unsuspecting emails posing as legitimate and known services. From these emails, hackers take users to fake login pages disguised as the legitimate service. |
| DICTIONARY ATTACK | Employ a program which cycles through common words. |
| BRUTE FORCE ATTACK | A hacker uses a computer program to log in to a user's account with all possible password combinations. |
| PASSWORD RESET PROCEDURES | The local administrator password should be reset every 180 days for greater security and the service account password should be reset at least once a year during maintenance time. |
| DOMAIN USER ACCOUNT PASSWORDS | A domain user is one whose username and password are stored on a domain controller rather than the computer the user is logging into. When you log in as a domain user, the computer asks the domain controller what privileges are assigned to you. |