Reference no: EM132914934
An IT Security consultant has made three primary recommendations regarding passwords:
1. Prohibit guessable passwords
   - Such as common names, real words, numbers only
   - Require special characters and a mix of caps, lower case, and numbers in passwords
2. Reauthenticate before changing passwords
   - The user must enter the old password before creating a new one
3. Make authenticators unforgeable
   - Do not allow the email address or user ID as a password
Write a brief paper explaining each of these security recommendations, along with 2 references. Do you agree or disagree with these recommendations? Would you change, add or delete any of these? Add additional criteria as you see necessary.
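The three recommendations can be enforced together in a password-change routine. The sketch below is an added example, not part of the original assignment: the function names, the tiny constructed wordlist, the rule of matching the letters of a password against that wordlist, and the PBKDF2 storage format are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist (assumption); a deployment would load a large
# dictionary of names, words and previously breached passwords.
COMMON_WORDS = {"password", "welcome", "dragon", "michael", "jennifer", "summer"}

def policy_violations(password, user_id, email):
    """Return the rules from the list above that the candidate password breaks."""
    problems = []
    lowered = password.lower()
    if password.isdigit():
        problems.append("numbers only")
    # Compare only the letters, so "Michael1!" is still recognised as a name
    # even though it satisfies the character-class rule below.
    letters_only = "".join(c for c in lowered if c.isalpha())
    if letters_only in COMMON_WORDS:
        problems.append("common name or real word")
    classes = [any(c.isupper() for c in password),
               any(c.islower() for c in password),
               any(c.isdigit() for c in password),
               any(not c.isalnum() for c in password)]
    if not all(classes):
        problems.append("needs caps, lower case, numbers and a special character")
    # The identifier a user logs in with must not double as the secret.
    if lowered in {user_id.lower(), email.lower()}:
        problems.append("email or user ID used as password")
    return problems

def hash_password(password, salt=None):
    """Derive a salted PBKDF2-HMAC-SHA256 digest (storage format is an assumption)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest

def change_password(record, old_password, new_password):
    """record: dict with user_id, email, salt, digest. Returns (changed, reasons)."""
    # Reauthenticate first: a hijacked session alone cannot set a new password.
    _, attempt = hash_password(old_password, record["salt"])
    if not hmac.compare_digest(attempt, record["digest"]):
        return False, ["reauthentication failed"]
    problems = policy_violations(new_password, record["user_id"], record["email"])
    if problems:
        return False, problems
    record["salt"], record["digest"] = hash_password(new_password)
    return True, []
```

Note that "Michael1!" passes the character-mix rule and is rejected only by the wordlist check, which is why the first recommendation lists both criteria.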