Learn About creating good password security.

An IT Security consultant has made three primary recommendations regarding passwords:

1. Prohibit guessable passwords
   • such as common names, real words, numbers only
   • require special characters and a mix of caps, lower case and numbers in passwords
2. Reauthenticate before changing passwords
   • user must enter old pw before creating new one
3. Make authenticators unforgeable
   • do not allow email or user ID as password

Using WORD, write a brief paper of 200-300 words explaining each of these security recommendations. Do you agree or disagree with these recommendations. Would you change, add or delete any of these? Add additional criteria as you see necesarry.

Note your Safe Assign score. Continue submitting until your Safe Assign score is less than 25. You have three attempts to complete your assignment.

To improve Safe Assign score, submit references in a separate document or paste in the text section.

 

Security passwords

In IT operations on data safety management, passwords provide the first streak of defence against unauthorized access to one's confidential information (Thompson, 2018). The sturdier the password pattern created, the more one’s computer is protected against malicious software and hackers. Therefore, individuals need to maintain strong passwords for all information accounts in one's computers. Therefore I agree with the three recommendations regarding passwords provided by an IT security consultant as this help to ensure efficiency in the secure management of data in transit and storage. According to the consultant, individuals need to avoid guessable passwords as weak passwords are a recipe for cyber-attacks such as data breaches (Galbally, Coisel & Sanchez, 2017).

Additionally, the security consultant advocates for frequent passwords, but the individual needs to re-authenticate their account credentials before changing the passwords. Re-authentication is a process that helps in confirming the account owner's continuous presence and intention to change the passwords. A regular change of computer passwords helps create a barrier that makes it difficult for hackers to access sensitive data. I agree with the security consultant that re-authentication before changing passwords, especially by entering older passwords before creating new ones, prevents unauthorized individuals from taking control over one's account (Ling et al., 2017). The IT security consultant advises that individuals need to ensure the authenticators are not forgeable by avoiding emails and user ID as device passwords (Dasgupta, Roy & Nag, 2017). When the authenticators are easily predictable, these risk the transfer of one’s account to unauthorized individuals and thus making it easy for cyber-attacks.