CompTIA Security+ Question C-4

An auditing team has found that passwords do not meet best business practices. Which of the following will MOST increase the security of the passwords? (Select TWO).

A. Password Complexity
B. Password Expiration
C. Password Age
D. Password Length
E. Password History

Answer: A,D

Passwords should have the strength to avoid discovery through attack, but it should also be easy enough for the user to remember. The length and complexity of a password combined are vital factors in defining a password’s strength.