Talk:CISA

This disambiguation page does not require a rating on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Disambiguation This disambiguation page is within the scope of WikiProject Disambiguation, an attempt to structure and organize all disambiguation pages on Wikipedia. If you wish to help, you can edit the page attached to this talk page, or visit the project page, where you can join the project or contribute to the discussion.DisambiguationWikipedia:WikiProject DisambiguationTemplate:WikiProject DisambiguationDisambiguation articles

Is a 5 place password a security measure?

What most trips me up is the word "Security". From a computer security perspective, a 5 place password has rapidly passed away as a meaningful defense against password cracking. Password guessing and cracking tools on common laptops can generate every ASCII symbol for all 5 places in substantially less than 1 second. Only in the context of multi-factor authentication, where a 5 place password is one factor, would I consider a 5 place password a "security" measure.

I understand that the question is supposed to discuss a control in a more abstract sense. But, the NIST paper that mentioned password length has not been updated since 1970. Is it not time to update this test question in favor or modern reality?

Don Turnblade, MS, CISSP, CISM, CISA

Retrieved from "http://en.wikipedia.org/wiki/Talk:Certified_Information_System_Auditor"