Leadership tasks/ Password policies Management Research Paper

Password Policies
Student’s Name
Institutional Affiliation
Password Policies
The escalating reliance on computing is instilling new challenges that must be addressed lest people are exposed to privacy challenges unexpectedly. One of the concerns that come with computing is privacy. Most people would prefer to keep some information about themselves, their families, or organizations private. That is, however, difficult to achieve in a computing era where privacy depends on passwords. Throughout decades, governments, through different agencies, have instilled password policies that are aimed at addressing the breaches. The policies change consistently, and they have attracted praise and criticism in equal measures. This paper analyzes password policies in their details. A detailed analysis of password policies is vital in understanding those policies, predicting trends, and tabulating recommendations to ease their acceptance among users.
The Policies
Password policies have existed throughout the history of computing and their elements keep changing to suit the new developments. The maiden computer password policy was instilled in the 1960s at MIT’s Compatible Time-Sharing System (CTSS) (Axelrod, 2019). CTSS was among the first multi-user operating systems. To limit the amount of time that users took on the system, CTSS introduced passwords. In 1979, the first dictionary attack was recorded emanating from the hashed weaknesses of the hashed passwords. It was at that time that some of the password policies were developed.
Changes in password policies have been instilled since the maiden attack of the CTSS. Morris Thompson was the first to acknowledge the threat of dictionary attacks on computers. He led to the composition of the first wave of password policies (Axelrod, 2019). Some of the elements of the password policy in the first wave included limited use of dictionary words, a minimum length of 6 characters for alphabetic or five characters if the password included non-alpha. They also proposed the application of system-generated passwords. These regulations formed a platform of policies that would keep changing to date.
The current password policies trend across specific standards that could help in specifying the prospects if understood. The first standard of the policies is password aging (Starks, 2014). Within the policy of aging passwords, users are required to change their passwords at specific intervals. This policy emanated from the weaknesses of hashed passwords that eased brute force attacks. Aging policies on passwords have attracted criticism, especially considering the cognitive burden by which they are linked. With limited specification, the policies demand extensive application of aging in websites or places where hashes are at a higher risk of attacks. Several calculations have revealed that the exposure time remains unacceptable no matter the aging policy implemented by an organization.
The other standard of policies is based on passwords and usability. Computer security experts have consistently been indulged in debates concerning the strengths of passwords and their usability (Starks, 2014). In most cases, usability is ignored in favor of securing the systems. The policies insist ...