CSC 379 SUM2008:Week 3, Group 3

From Expertiza_Wiki
Revision as of 22:27, 23 July 2008 by Nadeem (talk | contribs)
Jump to navigation Jump to search

Costs and Benefits Password Regulations

“Best practices” sometimes seem to take on a life of their own, independent of any recent assessment of their costs and benefits. An example is password policies; maximum length, restrictions on characters that can be used, and password-change frequency. Evaluate these popular password regulations. Do they provide adequate benefits for costs incurred? What ethical considerations do poorly evaluated “best practices” raise? Do policy-makers have an ethical responsibility to evaluate “best practices” before adopted? A responsibility to re-evaluate existing practices?

Cite specific evidence in your cost/benefit analysis from quality sources (professional/academic journals preferred).

"Best Practices" Research

Policies

Password Length

Character Restriction

Password Change Frequency

Policies for major corporations usually require that employees change their password after a certain period of time. Typically, this time frame may be from 90 days to 6 months.

Password History Restriction

Password Retrieval

Other Security Measures

Ethical Concerns

Links