Which of the following is considered best practice when formulating minimum standards for developing password policies?
a. Password length set to 6 characters
b. Require password change at 90 days
c. Maximum password age set to zero
d. Account lockout threshold set to zero
Answer: B