16 Nov Practice Test Question – Password Policies
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Frank would like to set his organization’s password length requirements to align with industry best practices. What should he set as the maximum password length?
A. No maximum
B. 8 characters
C. 16 characters
D. 255 characters
Correct Answer: A
The best source for guidance on passwords and other authentication techniques is NIST Special Publication 800-63B: Digital Identity Guidelines. In the most recent revision of this document, NIST states that users should not be subjected to a maximum password length requirement and should be allowed to choose passwords as lengthy as they would like.