Which of the following is NOT true about password expiration?
A. Both NIST and Microsoft no longer support it.
B. It is not recommended for security.
C. It should be set to at least one day.
D. It is the point in time when a password is no longer valid.
Answer (2)
The statement that password expiration should be set to at least one day is NOT true; NIST and Microsoft recommend against mandatory password changes. Instead, security experts focus on creating strong passwords and using multifactor authentication for better protection. The guidance emphasizes that frequent changes can lead to weaker password choices. ;
The statement that password expiration should be set to at least one day is NOT true; both NIST and Microsoft recommend against mandatory password changes. The current focus is on creating strong passwords and using multifactor authentication for better security. Enforcing frequent changes can lead users to select weaker passwords, undermining the security goal.
;
