Free CompTIA SecurityX / CASP+ CAS-005 Actual Exam Questions - Question 1 Discussion
Users are writing passwords on paper because of the number of passwords needed in an environment. Which of the following solutions is the best way to manage this situation and decrease risks?
B. SSO directly reduces the number of passwords users need to remember by centralizing access, which helps with the root problem of too many passwords, especially if most apps support it.
It’s C because a password manager works across all apps regardless of SSO support. It actually helps users store and generate strong passwords without needing to write them down, which directly tackles the risk.
I’m thinking A is out since making passwords longer won’t stop people from writing them down. D helps security but doesn’t fix the password overload problem itself. So, between B and C, which one handles mixed app environments better?
B/C? I get why B is popular since SSO cuts down on how many passwords you need to remember, but what if some apps don’t support it yet? That’s where C could be helpful—using a password manager lets users store complex passwords securely without writing them down. Open-source might sound risky, but some are well-vetted and transparent. Increasing complexity (A) just makes it worse for users, and MFA (D) is great for security but doesn’t stop users from jotting passwords down in the first place. So C seems like a solid alternative if SSO isn’t fully doable.
Maybe B is better because it reduces the number of passwords users have to remember overall, cutting down the chance they write them down. MFA (D) helps security but doesn’t solve the password overload issue directly.
B/C? Is the question asking about usability or security priority? Using open-source password managers might have risks, but SSO depends on app integration and trust levels. More context would help.