220-1002 · Question #821
A systems administrator needs to reset a user's password because the user forgot it. The systems administrator creates the new password and wants to further protect the user's account. Which of the fo
The correct answer is A. Require the user to change the password at the next login.. Requiring the user to change the password at next login is the correct security practice. When an admin resets a password, they know what that password is - meaning two people now know it, which is a security risk. Forcing a change at first login ensures only the account owner kn
Question
A systems administrator needs to reset a user’s password because the user forgot it. The systems administrator creates the new password and wants to further protect the user’s account. Which of the following should the systems administrator do?
Options
- ARequire the user to change the password at the next login.
- BDisallow the user from changing the password.
- CDisable the account.
- DChoose a password that never expires.
How the community answered
(37 responses)- A92% (34)
- B3% (1)
- D5% (2)
Explanation
Requiring the user to change the password at next login is the correct security practice. When an admin resets a password, they know what that password is - meaning two people now know it, which is a security risk. Forcing a change at first login ensures only the account owner knows the final password. A) is the standard and secure approach. B) Disallowing the user from changing their password is the opposite of good security. C) Disabling the account would prevent the user from working. D) Setting a non-expiring password removes a layer of ongoing security. This is a fundamental principle of the principle of least privilege and account hygiene: the admin-set password should be temporary.
Topics
Community Discussion
No community discussion yet for this question.