Password Concepts
Passwords are the most common form of authentication, and they consist of several characteristics, such as length, complexity, reuse, expiration, and age. The CompTIA Security+ 701 exam requires familiarity with all of these, as well as password best practices. This section covers both these topics.
Password best practices refer to a set of guidelines and recommendations for creating, managing, and using passwords to enhance security. One set of guidelines is produced by the National Institute of Standards and Technology (NIST), which is a federal agency within the United States Department of Commerce that aims to promote and maintain measurement standards, as well as advance technology and innovation. NIST recommends using passphrases (that is, longer combinations of words or phrases) instead of short, complex passwords. These passphrases are easier to remember and provide stronger security.
Other recommendations to secure your passwords include the following...