Prompt: What principles should the information security analyst apply in order to develop appropriate password policies for their clients? Make sure you address confidentiality, integrity, and availability of information, as well as each of the following aspects:
Password length and composition of the password (e.g., uppercase, numbers, special characters)
Time period between resets and ability to reuse a prior password
Differentiated policies for different types of users (e.g., administrator vs. regular user)