CompTIA Security+ (SY0-501) — Question 919
Despite having implemented password policies, users continue to set the same weak passwords and reuse old passwords. Which of the following technical controls would help prevent these policy violations? (Choose two.)
Answer options
- A. Password expiration
- B. Password length
- C. Password complexity
- D. Password history
- E. Password lockout
Correct answer: C, D
Explanation
The correct answers, C (Password complexity) and D (Password history), directly enforce stronger password creation and prevent the reuse of old passwords. Options A (Password expiration) and E (Password lockout) are more about managing existing passwords and account access rather than ensuring that the passwords themselves are strong and unique, while B (Password length) is a good practice but does not address password reuse.