Authorization
An IT security consultant has made three primary recommendations regarding passwords:
Prohibit guessable passwords
· Such as common names, real words, or numbers only.
· Require special characters and a mix of upper case, lower case and numbers in the password.
Reauthenticate before changing passwords
· The user must enter the old password before creating a new one.
Make authenticators unforgeable
· Do not allow the email address or user ID as the password.
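The three recommendations above map directly onto two pieces of server-side logic: a policy check run on every candidate password, and a change-password routine that verifies the old password before it touches the stored credential. The following is an added example, not code from the consultant or from any particular product; it assumes a small constructed COMMON_WORDS blocklist (a real deployment would load a large list), an in-memory UserStore with salted PBKDF2 hashing, and it generalises the "common names, real words" rule slightly by rejecting a password that merely contains a blocklisted word.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed stand-in for a real blocklist of common passwords, names and dictionary words.
COMMON_WORDS = {"password", "welcome", "letmein", "qwerty", "summer", "michael", "jennifer"}


def password_problems(password: str, username: str, email: str) -> list:
    """Return the list of policy violations for a candidate password (empty list = acceptable).

    Covers recommendation 1 (no guessable passwords, require mixed character classes)
    and recommendation 3 (the user ID or email address is not an acceptable password).
    """
    problems = []
    lowered = password.lower()

    # Recommendation 1: common names / real words / numbers only.
    if password.isdigit():
        problems.append("numbers only")
    # Generalised: a blocklisted word embedded in the password also counts ("Summer2024!").
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a common word or name")

    # Recommendation 1: special characters and a mix of upper case, lower case and digits.
    if not any(c.isupper() for c in password):
        problems.append("no upper-case letter")
    if not any(c.islower() for c in password):
        problems.append("no lower-case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no digit")
    if not any(not c.isalnum() for c in password):
        problems.append("no special character")

    # Recommendation 3: the email address or user ID must not be usable as the password.
    if lowered in (username.lower(), email.lower()):
        problems.append("password equals user ID or email address")

    return problems


def hash_password(password: str, salt: Optional[bytes] = None) -> tuple:
    """Salted PBKDF2-HMAC-SHA256; returns (salt, digest). A fresh salt is generated if none is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)
    return salt, digest


class UserStore:
    """Minimal in-memory account store, constructed for this example only."""

    def __init__(self):
        self._users = {}

    def create_user(self, username: str, email: str, password: str) -> None:
        problems = password_problems(password, username, email)
        if problems:
            raise ValueError("password rejected: " + "; ".join(problems))
        salt, digest = hash_password(password)
        self._users[username] = {"email": email, "salt": salt, "hash": digest}

    def verify(self, username: str, password: str) -> bool:
        rec = self._users.get(username)
        if rec is None:
            return False
        _, digest = hash_password(password, rec["salt"])
        # Constant-time comparison of the stored and recomputed digests.
        return hmac.compare_digest(digest, rec["hash"])

    def change_password(self, username: str, old_password: str, new_password: str) -> bool:
        """Recommendation 2: the old password must verify before anything is changed."""
        if not self.verify(username, old_password):
            return False
        rec = self._users[username]
        problems = password_problems(new_password, username, rec["email"])
        if problems:
            raise ValueError("new password rejected: " + "; ".join(problems))
        rec["salt"], rec["hash"] = hash_password(new_password)
        return True


if __name__ == "__main__":
    store = UserStore()
    store.create_user("alice", "alice@example.com", "Tr0ub4dor&3")
    print(password_problems("12345678", "alice", "alice@example.com"))
    print(store.change_password("alice", "wrong-guess", "C0rrect-H0rse!"))   # reauthentication fails
    print(store.change_password("alice", "Tr0ub4dor&3", "C0rrect-H0rse!"))   # old password verified
```

The ordering inside change_password is the point of the second recommendation: the policy check on the new password and the rehash only run after the old password has been verified, so a session that has been hijacked without knowledge of the current password cannot rotate the credential.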