Passwords are among the most common authentication mechanisms and it is important to ensure that they are secure. Administrators may use policy objects to securely configure passwords to require good password practices by end users. In this video, learn about password policies, including password complexity, expiration, history/reuse, and length requirements. Also, learn about the password recovery, lockout, and disablement processes.
- [Instructor] Passwords are among…the most common authentication mechanisms…and it's important to ensure that they are secure.…Administrators may use group policy objects…to securely configure passwords…to require good password practices by end users.…Some password requirements exist…to make sure that passwords are difficult to guess…and resistant to brute force guessing attacks.…The first of these requirements…is the password length requirement.…Best practice is that passwords…should be at least eight characters long,…although some organizations require even longer passwords.…
The second requirement…that makes passwords difficult to guess…is the password complexity requirement…that requires passwords include…different types of characters such as uppercase letters,…lowercase letters, digits, and symbols.…Strong password management practices also realize…that sometimes passwords fall into the wrong hands…and users should be protected against an attacker…retaining long-term access to their accounts.…Best practices in this area include…
You can sign up for Mike's free study group at certmike.com, and find his study guides at the Sybex test prep site. To review the complete CISSP Body of Knowledge, visit https://www.isc2.org/cissp-domains/default.aspx.
- Identity and access management overview
- Identification mechanisms: user names, access cards, biometrics, and registration
- Authentication factors
- Password authentication protocols
- Identity as a service (IDaaS)
- Enforcing accountability
- Managing credentials with policies
- Using access control lists
- Defending against access control attacks
Skill Level Advanced
1. Identity and Access Management
5. Credential Management
7. Access Control Attacks
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.