Copyright Goodheart-Willcox Co., Inc. 472 Networking Fundamentals Secure passwords do not match words commonly found in a dictionary. In- stead, they incorporate numbers and special characters, which makes them much more diffi cult to crack. Th e following are some examples of secure passwords: ■ AceHat$_301 ■ Bob_$ecure4PC ■ Open_Lock231! No password is 100 percent secure. However, there are passwords that are dif- fi cult to guess or hash. Passwords are so critical to authentication that network op- erating systems can control many of the important characteristics required of good passwords. An administrator can set policies or default settings that can aid in password security. Figure 15-17 shows the Group Policy Management utility associated with Windows Server 2008. You can readily see the list of password policies available, such as history, age, length, and complexity. 4.5 NET Figure 15-17 Windows Server 2008 password policies for the domain. Password policies Goodheart-Willcox Publisher Password History As passwords are changed, the old passwords can be stored and used for comparison against the most recent password. For example, a user may be required to change his or her password every 90 days. Th is practice is compromised if the user constantly switches between two passwords, such as MySecret and Secure. Not only are these poor passwords, but by constantly switching between the two, there is little protec- tion off ered by changing the password. Some network operating systems, therefore, allow the administrator to set a minimum password history, which forces the user to use a new password that does not match any of their old passwords. For example, the history password policy can be set to store the last 24 passwords. By enforcing the password history, users are forced to use new passwords continually. However, this practice can also be easily compromised by simple techniques, such as adding