Which of the following is NOT a good password deployment guideline?
A.
Passwords must not be he same as user id or login id.
B.
Password aging must be enforced on all systems.
C.
Password must be easy to memorize.
D.
Passwords must be changed at least once every 60 days, depending on your environment.
Explanation:
Passwords must be changed at least once every 60 days (depending on your environment).
Password aging or expiration must be enforced on all systems. Upon password expiration,
if the password is not changed, only three grace logins must be allowed then the
account must be disable until reset by an administrator or the help desk. Password
reuse is not allowed (rotating passwords).