In this short assignment, you will perform an assessment of the University of Iowa's password policy and support documentation to determine level of maturity of their policy. For this assignment, write a short summary (2 page maximum) of the University of Iowa's policy for passwords located at https:/rds.uiowa.edu/hawkidtpassword#!overview and https://itsecurity.uiowa.edu/enterprise-password.
Include the following questions about the Password Security Policy in the assignment: 1. Describe any grey areas that are ambiguous or internally inconsistent with the policy or other statements. 2. Discuss the level of complexity in the password policy. Is it reasonable? Is it enforceable? What will users think about it? 3. What changes would you make to make it more reasonable, enforceable, and acceptable by those that it applies to? 4. Are there any bad practices within the password policy? If so identify them and explain why they are bad. 5. How does the style of the password policy fd with the University's overall set of policies at https://itsecurity.uiowa.edu/university-it-policy? What, if anything, should be changed that password policy and why?
Sample Solution