WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

NEW! Network+ N11-003 2005 Beta Exam Study Guide - Just $9!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Network+
 9  Chapter 1000:  Security in the Real World
      9  VI  Passwords

Previous Topic/Section
Passport and Liberty
Previous Page
Pages in Current Topic/Section
1
Next Page
 VII  Client Security
Next Topic/Section

Password Policies

Regardless of the NOS your network uses, and how many passwords are required to accomplish one’s daily work goals, almost without question, the battle over password security is the one area you will face as a ongoing battle. Be too draconian in your password selection policy by requiring overly complex passwords, and the users will bypass your efforts by simply writing password down on a post-it note, which will be placed on the monitor. Be too lax and you leave the door open for the uninvited. Part of your job description typically means finding a balance that the users can live with while offering security. This is usually a very fine line that calls for ongoing education on your part. While the amount of security needed will vary, with the data being protected, the overall environment and how much you like your job. Given that, here are some guidelines to begin with.

Strong Passwords

Set a password length of greater than 6 characters.

Do not allow username and password to match.

Set password expiration to expire approximately monthly, and do not allow frequent password reuse.

Make client passwords different from server logons.

Require validation from the server before logon can begin.

Use special characters in passwords such as $%!^.

Do not allow passwords easily found in a dictionary

Protect the data

Networks connected to the Internet need a strong password scheme to offer any degree of protection.

Common point of failure

Sometimes if a user cannot log in, but nothing else seems to be wrong, the user’s password has simply expired.

The NOS will generally warn a user that their password will expire on an upcoming day, but users are infamous for ignoring this warning.



Previous Topic/Section
Passport and Liberty
Previous Page
Pages in Current Topic/Section
1
Next Page
 VII  Client Security
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Network+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Network+ (http://www.CertiGuide.com/netplus/) on CertiGuide.com
Version 1.0 - Version Date: November 7, 2004

Adapted with permission from a work created by Tcat Houser and Helen O’Boyle.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.