Application: Password Scan
User and system passwords, in theory, should be relatively easy to remember and be hard to guess (which includes avoiding common words susceptible to a "dictionary" attack). Many sites require that passwords conform to rules such as:
- minimum length (usually at least 6 or 8 characters)
- include both upper and lower case letters
- include at least one digit
- include at least one special character ($, #, @, %, !, etc.)
Constructing such a password that is reasonably easy to remember is generally not difficult. For example, here are some passwords that are not dictionary words and that follow the rules mentioned above:
- SprBwl#44
- Dinner@8
- $64Dollars
- NY.Mets.1969
Passwords should never contain character strings associated with the user, such as birth dates/years, personal names, addresses, user IDs, or Social Security numbers.
Which of the following passwords are not allowable under these rules? (Assume an 8-character minimum length.) Explain why each does not meet the required criteria.
- BigDog
- Christmas2010
- JohnSmith.1963
- Tea4Two
- bQj3&&5k
- 12345678
- aaaaaaaa
- password
- banana
- Baltimore
- 214MainStreet
- June15-1974
- RollingStones
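The rules above can also be applied mechanically. The following checker is an added example, not part of the original assignment: it reports which rules a candidate password breaks. The word list, the user profile and the choice of Python's string.punctuation as the set of special characters are assumptions made for illustration.

```python
import string

MIN_LENGTH = 8  # the exercise's assumed minimum length
# Constructed stand-in for a real dictionary / common-password list.
COMMON_WORDS = {"welcome", "sunshine", "dragon"}

def violations(password, personal_strings=()):
    """Return the rules the password breaks (empty list = acceptable)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    if not (has_upper and has_lower):
        problems.append("needs upper and lower case")
    if not any(c.isdigit() for c in password):
        problems.append("needs a digit")
    # Assumption: any ASCII punctuation counts as a special character.
    if not any(c in string.punctuation for c in password):
        problems.append("needs a special character")
    lowered = password.lower()
    if lowered in COMMON_WORDS:
        problems.append("dictionary word")
    # Strip separators first so "a.jones" still matches "ajones".
    squashed = "".join(c for c in lowered if c.isalnum())
    for item in personal_strings:
        token = "".join(c for c in item.lower() if c.isalnum())
        if token and token in squashed:
            problems.append("contains personal string: " + item)
    return problems

if __name__ == "__main__":
    profile = ["Alice", "Jones", "1985", "ajones"]  # constructed user data
    samples = ["SprBwl#44", "Dinner@8", "$64Dollars", "NY.Mets.1969",
               "Alice#1985", "sunshine"]  # last two are constructed
    for pw in samples:
        print(pw, "->", violations(pw, profile) or "ok")
```

The personal-string rule is the only one that needs information about the user: a password such as the constructed "Alice#1985" satisfies every composition rule and is rejected only once the profile is supplied.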
Now create five passwords that look very different but that use the above rules.
Some sites put restrictions on passwords, such as:
- No spaces
- No special characters
- Maximum length (usually 8 characters)
Additionally, some systems prevent the reuse of old passwords or impose other restrictions such as maximum password lifetime (often 30 or 90 days). As a result, you cannot have just one password that you use everywhere. Aside from the risk of using the same password at multiple sites, write a 1- to 2-page paper that proposes a strategy that a user could follow to manage frequently changing passwords across a variety of sites. Use APA format.