A security administrator is reviewing the below output from a password auditing tool:
S3cU4Which of the following additional policies should be implemented based on the tool’s output?
The output shows that all the passwords are either 4 or 5 characters long. This is way too short, 8 characters
are shown to be the minimum for password length.