ISC Exam Questions

A distributed system using passwords as the authentication means can use a number of techniques
to make the password system stronger. Which of the following is NOT one of these techniques?

A. Regular password reuse

B. Password generators

C. Limiting the number or frequency of log-on attempts

D. Password file protection

Explanation:
Passwords should never be reused after the time limit on their use has expired. For answer “password
generators”, these supply passwords upon request. These passwords are usually composed of numbers,
characters, and sometimes symbols. Passwords provided by password generators are usually not
easy to remember. Answer “password file protection” may consist of encrypting the password
with a one-way hash function and storing it in a password file. A typical brute force attack against
this type of protection is to encrypt trial password guesses using the same hash function and to
compare the encrypted results with the encrypted passwords stored in the password file. Answer
“limiting the number or frequency of log-on attempts” provides protection in that, after a specified
number of unsuccessful log-on attempts, a user may be locked out of trying to log on for a period of
time. An alternative is to progressively increase the time between permitted log-on tries after each
unsuccessful log-on attempt.