Creating good password security | Computer Science homework help

 An IT Security consultant has made three primary recommendations regarding passwords:

  1. Prohibit guessable passwords
    • such as common names, real words, numbers only
    • require special characters and a mix of caps, lower case, and numbers in passwords
  2. Reauthenticate before changing passwords
    • user must enter old PW before creating a new one
  3. Make authenticators unforgeable 
    • do not allow email or user ID as a password

Using WORD, write a brief paper of 200-300 words explaining each of these security recommendations along with 2 references.  Do you agree or disagree with these recommendations? Would you change, add or delete any of these?  Add additional criteria as you see necessary.