cjb9
commented
8 years ago This enhancement is out of scope for this IR.
Closed sdog-mitre closed 8 years ago
cjb9
commented
8 years ago This enhancement is out of scope for this IR.
General Comment
Threat ID: None.
Type of Comment:
Proposed Change: It would be helpful to identify the implications of implementing countermeasures when they potentially conflict with other security goals. For example, requiring a 15-character complex password counters many attacks on passwords. However, that hurts usability of the password for end users.
Justification: Help readers make more informed decisions regarding the proposed countermeasures to adopt.