Exam FC0-U61 topic 1 question 222 discussion

C. Password reuse Explanation: The second compromise occurred because the user likely reused the same password from the first compromised account on another site. When attackers obtain credentials from one breach, they often try the same login information on other sites (credential stuffing attacks). Why the other options are incorrect: A. Password age – While changing passwords regularly can help, it wouldn't have prevented the second compromise if the user reused the same password elsewhere. B. Password complexity – A complex password is important, but if it was already compromised and reused, complexity wouldn’t have prevented the second attack. D. Password length – A longer password improves security, but it does not help if the same password is reused across multiple accounts.

C. Password reuse Password reuse is the practice of using the same password for multiple accounts or services. In this scenario, the second compromise occurred because the user reused the same credentials that were compromised in the first incident. If the user had used unique passwords for each account or service, the second compromise could have been prevented, even if the credentials from the first compromise were exposed.

I don't really understand a lot of these password questions because "Password Reuse" makes sense to me. Obviously, it's meaning "do not reuse your password" as a preventative measure. I don't think any other option makes sense when talking about 2 different accounts being hacked because you are using the same password for both. Password age is when the duration of the password is considered valid before it needs to be changed. This wouldn't prevent a second compromise. Even Chat GPT shows it is C. Password Reuse. Would love some more discussion on this.

This is obviously incorrect

whoever is in charge of establishing the write answer for some of these questions is either mentally challenged or is working to fast without reading the question all the way. this is the third time a password reuse has been labeled as the best preventative option and this one is the worst one yet. it is very obviously not reuse and needs to be Age. The user has reused this password for too long. If the age of the password didn't extend from compromise 1 to compromise 2 then it wouldn't have happened a second time.