SY0-301 · Question #885
A recent audit has discovered that at the time of password expiration clients are able to recycle the previous credentials for authentication. Which of the following controls should be used together t
The correct answer is A. Password age D. Password history. Password history prevents users from reusing a set number of previously used passwords (e.g., the last 10). However, a savvy user can quickly change their password many times in rapid succession to cycle through the history and return to their original password. Password age (spe
Question
A recent audit has discovered that at the time of password expiration clients are able to recycle the previous credentials for authentication. Which of the following controls should be used together to prevent this from occurring? (Select TWO).
Options
- APassword age
- BPassword hashing
- CPassword complexity
- DPassword history
- EPassword length
How the community answered
(22 responses)- A73% (16)
- B9% (2)
- C14% (3)
- E5% (1)
Explanation
Password history prevents users from reusing a set number of previously used passwords (e.g., the last 10). However, a savvy user can quickly change their password many times in rapid succession to cycle through the history and return to their original password. Password age (specifically a minimum password age) closes this loophole by enforcing a minimum number of days before a password can be changed again, making rapid cycling impractical. Together, these two controls effectively prevent credential recycling. The other options - hashing, complexity, and length - improve password strength but do not address the specific problem of password reuse.
Topics
Community Discussion
No community discussion yet for this question.