Describe a situation when a cyber attacker would have great difficulty
cracking a password. Make sure to explain why it would be difficult by
describing the security measures that were likely taken to prevent the attack in
the first place.
In federal government agencies, IT departments have implemented robust
security measures to safeguard their critical information assets and data. One
of the fundamental aspects of their defense strategy is authentication, which
includes passwords. To authenticate their users, they need to use the
principles of zero trust. Here is why a cyber attacker would find it extremely
challenging to crack a password:
The user has created a password that is long (at least 12 characters) and
complex (a combination of upper- and lowercase letters, numbers, and special
characters). The organization has put in place a policy that mandates users to
change their passwords after 6 months. The organization's system requires
multi-factor authentication.
Account lockout policy: The account is temporarily locked after 3-5 failed
login attempts. Also, the passwords are stored in a salted and hashed format in
the databases.
The accounts are disabled when an employee leaves or retires from
the company.
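
The measures above, combined in one small credential store as an added example
(not part of the original answer). AccountStore, meets_policy, the PBKDF2
iteration count and the 15-minute lock duration are assumptions made for
illustration; the MFA step is only marked by a comment.

```python
import hashlib, hmac, os, re, time

MIN_LENGTH = 12        # from the text: at least 12 characters
MAX_FAILURES = 3       # from the text: lock after 3-5 failed attempts (3 chosen)
LOCK_SECONDS = 900     # assumption: 15-minute temporary lock
ITERATIONS = 600_000   # assumption: PBKDF2-HMAC-SHA256 work factor

def meets_policy(password):
    """Check length plus the four character classes named in the text."""
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return len(password) >= MIN_LENGTH and all(re.search(c, password) for c in classes)

def _derive(password, salt):
    # A slow, salted KDF makes every offline guess expensive for an attacker.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

class AccountStore:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.accounts = {}  # username -> record

    def register(self, user, password):
        if not meets_policy(password):
            raise ValueError("password does not meet policy")
        salt = os.urandom(16)  # unique random salt per account
        self.accounts[user] = {"salt": salt, "hash": _derive(password, salt),
                               "failures": 0, "locked_until": 0.0, "enabled": True}

    def disable(self, user):
        self.accounts[user]["enabled"] = False  # employee left or retired

    def verify(self, user, password):
        rec = self.accounts.get(user)
        if rec is None or not rec["enabled"]:
            return "denied"
        if self.clock() < rec["locked_until"]:
            return "locked"  # guesses are not even evaluated while locked
        if hmac.compare_digest(_derive(password, rec["salt"]), rec["hash"]):
            rec["failures"] = 0
            return "ok"  # the MFA challenge would follow here
        rec["failures"] += 1
        if rec["failures"] >= MAX_FAILURES:
            rec["locked_until"] = self.clock() + LOCK_SECONDS
            rec["failures"] = 0
            return "locked"
        return "denied"
```

Because each account has its own salt, two users with the same password get
different stored hashes, so one precomputed table cannot be reused across the
database.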