Which of the following is a compensating control that will BEST reduce the risk of weak passwords?
A. Requiring the use of one-time tokens
B. Increasing password history retention count
C. Disabling user accounts after exceeding maximum attempts
D. Setting expiration of user passwords to a shorter time
A