2.7 Given a scenario, apply workstation security options and hardening techniques.
📘 CompTIA A+ Core 2 (220-1202)
Passwords are one of the most basic but most important security controls used to protect workstations, user accounts, and data in an IT environment.
A weak password can allow attackers to gain unauthorized access, install malware, steal data, or move deeper into a network.
For the CompTIA A+ exam, you must understand the key password considerations and why they matter in workstation security and hardening.
The main password considerations are:
- Length
- Character types
- Uniqueness
- Complexity
- Expiration
1. Password Length
What is Password Length?
Password length refers to how many characters a password contains.
Why Password Length Matters
Longer passwords are harder to crack than shorter ones.
Attackers often use automated tools that try millions or billions of password combinations. The longer the password, the more combinations are possible.
In IT environments:
- Short passwords are vulnerable to brute-force attacks
- Long passwords greatly increase security
Best Practices (Exam-Relevant)
- Minimum recommended length is 8 characters
- Many organizations require 12–14 characters or more
- Longer passwords provide better protection, even if they are simple
Key Exam Point
Longer passwords are more secure than shorter passwords
2. Character Types
What Are Character Types?
Character types refer to the different kinds of characters used in a password.
Common character types include:
- Uppercase letters (A–Z)
- Lowercase letters (a–z)
- Numbers (0–9)
- Special characters (! @ # $ % ^ & *)
Why Character Types Matter
Using multiple character types increases the number of possible combinations, making passwords harder to guess or crack.
In IT systems:
- Password policies often require multiple character types
- Systems reject passwords that use only letters or only numbers
Best Practices (Exam-Relevant)
- Use at least three or four different character types
- Avoid using only one type (such as all lowercase letters)
Key Exam Point
More character types = stronger password
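To put numbers on sections 1 and 2, the following added example (not part of the original guide) estimates the brute-force search space of a password from its length and the character types it contains. The sample passwords are constructed, and the pool of 32 special characters is an assumption taken from ASCII punctuation.

```python
import math
import string

# Pool sizes for the four character types listed above.
# 32 is the number of ASCII punctuation characters (an assumption of this example).
CLASSES = {
    "upper": (string.ascii_uppercase, 26),
    "lower": (string.ascii_lowercase, 26),
    "digit": (string.digits, 10),
    "special": (string.punctuation, 32),
}

def character_types(password):
    """Return the names of the character types present in the password."""
    return [name for name, (chars, _) in CLASSES.items()
            if any(c in chars for c in password)]

def search_space_bits(password):
    """Upper bound on brute-force work in bits: length * log2(pool size)."""
    pool = sum(CLASSES[name][1] for name in character_types(password))
    if pool == 0:
        return 0.0
    return len(password) * math.log2(pool)

if __name__ == "__main__":
    # Constructed samples: short with four types, long with one type, digits only.
    for pw in ["k7#Qm2!x", "quietriverstonelamp", "48213907"]:
        print(f"{pw!r:24} types={len(character_types(pw))} "
              f"bits={search_space_bits(pw):.1f}")
```

The figure is an upper bound that assumes every character is chosen at random; a password assembled from common words, like the second sample, falls to a dictionary attack far sooner, which is what the complexity rules in section 4 address.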
3. Password Uniqueness
What Is Password Uniqueness?
Password uniqueness means that each account should have its own password.
Why Uniqueness Matters
If the same password is used on multiple systems:
- A breach of one system can compromise all other systems
- Attackers often reuse stolen passwords to access other accounts
In IT environments, the following should never share the same password:
- Email accounts
- Workstation logins
- Administrative accounts
Best Practices (Exam-Relevant)
- Each user account should have a unique password
- Administrative accounts must have separate passwords from standard user accounts
Key Exam Point
Never reuse passwords across different systems or accounts
4. Password Complexity
What Is Password Complexity?
Password complexity refers to how difficult a password is to guess.
Complex passwords usually:
- Are long
- Use multiple character types
- Do not contain common words
- Do not contain usernames or system names
Why Complexity Matters
Simple passwords are vulnerable to:
- Dictionary attacks
- Credential-stuffing attacks
- Automated password guessing tools
In IT environments:
- Systems enforce complexity rules through password policies
- Complex passwords slow down or stop automated attacks
Best Practices (Exam-Relevant)
- Avoid common words and patterns
- Do not include usernames or organization names
- Combine letters, numbers, and symbols in an unpredictable way
Key Exam Point
Complex passwords are harder for attackers to guess or crack
5. Password Expiration
What Is Password Expiration?
Password expiration requires users to change their passwords after a set period of time.
Why Password Expiration Matters
If a password is compromised:
- Changing it regularly limits how long attackers can use it
- Old or leaked passwords become useless
In IT environments:
- Password expiration is enforced using Group Policy or system security settings
- Expiration is especially important for privileged and administrative accounts
Common Expiration Periods
- 30 days
- 60 days
- 90 days
(The exact value depends on organizational security policy.)
Exam-Relevant Considerations
- Too frequent changes can lead to poor password habits
- Password expiration should balance security and usability
Key Exam Point
Password expiration limits damage if a password is compromised
Summary Table (Exam Review)
| Password Factor | Purpose |
|---|---|
| Length | Makes passwords harder to brute-force |
| Character types | Increases possible combinations |
| Uniqueness | Prevents one breach from affecting multiple systems |
| Complexity | Protects against guessing and dictionary attacks |
| Expiration | Limits how long a stolen password can be used |
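The five factors in the table can be checked together. The following is an added example, not part of the original guide: a small policy audit in which the thresholds, the common-word list, the function names and the idea of comparing against salted hashes of the same person's other accounts are all assumptions made for illustration.

```python
import hashlib
import hmac
from datetime import date

# Assumed policy values; real values come from organizational policy.
# 12 characters, three character types and 90 days all appear in the guide.
MIN_LENGTH = 12
MIN_CHARACTER_TYPES = 3
MAX_AGE_DAYS = 90
COMMON_WORDS = {"password", "welcome", "qwerty", "letmein"}  # constructed sample list

def hash_password(password, salt):
    # Slow salted hash so the comparison store never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def audit_password(password, username, other_accounts, last_changed, today):
    """Return the list of factors the password violates (empty means compliant).

    other_accounts: (salt, digest) pairs for the same person's other accounts,
    for example their separate administrative account.
    """
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("length")
    types = sum([
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])
    if types < MIN_CHARACTER_TYPES:
        problems.append("character types")
    has_username = bool(username) and username.lower() in lowered
    if has_username or any(word in lowered for word in COMMON_WORDS):
        problems.append("complexity")
    if any(hmac.compare_digest(hash_password(password, salt), digest)
           for salt, digest in other_accounts):
        problems.append("uniqueness")
    if (today - last_changed).days > MAX_AGE_DAYS:
        problems.append("expiration")
    return problems

if __name__ == "__main__":
    # Constructed sample: short, two character types, contains the username, 151 days old.
    print(audit_password("jsmith2024", "jsmith", [], date(2025, 1, 1), date(2025, 6, 1)))
```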
Final Exam Tips for CompTIA A+
- Know why each password consideration improves security
- Expect scenario-based questions asking which password policy is most secure
- Understand that long, complex, unique passwords provide the best protection
- Remember that password policies are a key part of workstation hardening
