Automated mechanisms exist to determine if password authenticators are sufficiently strong enough to satisfy organization-defined password length and complexity requirements.
Does the organization use automated mechanisms to determine if password authenticators are sufficiently strong enough to satisfy organization-defined password length and complexity requirements?