PT152 S4 Q20 ExplanationComing up with secure passwords

Answer choices, explained

1. A

   Too Strong: should not20% picked this

   Computer users should not write down their passwords even if the passwords are

   If we were doing Most Supported, this answer would seem worth considering. It's supportable. But it's not must be true "derivable" from the statements, since none of the statements used should language. We know that writing down passwords poses the greatest security threat of all, but we don't have a mechanism for deriving that "you should not do whatever action poses the greatest security threat of all".

   20%
2. B

   Out of Scope: expensive2% picked this

   It is expensive to have system administrators constantly resetting forgetful

   This is also plausible and supported, but it's not a must be true we can derive from the paragraph because the statements don't mention anything about the cost of system administrator's time spent helping users reset their passwords.

   2%
3. C

   Correct64% picked this

   Passwords that are very easy to guess pose less of a security threat than passwords that are

   Why this is right

   We can practically derive this comparison because we were told that writing down a password poses the greatest security threat of all. So if you're not writing down a password, then you're posing less of a security threat than is someone who is writing down their password. Do we know whether or not people who make passwords that are very easy to guess are writing down their passwords? We don't really. This is either sloppiness on the part of LSAC (even though it's "must be true", we seem to be picking the "most supported" answer), or they think that the final two claims allows us to infer something about the frequency with which people who create easy vs. difficult passwords are writing those passwords down. The final two claims are saying, "most passwords that are very difficult are written down (generally = most), and hence pose the greatest security threat of all." If most passwords that are very easy to guess are also written down, then it would be weird to say that when the difficult-password people write theirs down, they have hence posed the greatest security threat of all. How could it be the greatest threat if the easy-password people are also writing theirs down? I think this case I'm making for them is pretty weak, and that more likely they just didn't care that their correct answer on Must Be True is still a little loose. It at least feels like the most provable, most supportable answer available.

   Skill tested: Must be True · how this choice captures the argument's function is the move to repeat next time.

   64%
4. D

   Too Strong: least likely12% picked this

   Passwords that are random configurations of letters and numbers are the least likely to result

   The information defines the greatest security threat, but it never defines the least likely security threat. Even though random and complex passwords are the hardest to guess, that doesn't mean they're the least likely to result in security breaches since they often result in people writing down their password, which is the greatest security threat of all.

   12%
5. E

   Too Strong2% picked this

   The easier a password is to remember, the more secure the

   Too Strong: the more x, the more y The paragraph told us that easy to remember passwords are the easiest for an outside to guess. That, on its face, goes against what this answer is saying.

   2%