LSAT and Law School Admissions Forum

[Administrator]

Please post your questions below!

[579882]

I can see how (C) works, but I am confused as to why (A) is incorrect. Doesn't the argument imply that users should never write down their passwords since it poses the greatest security threat of all? Thanks!

[Adam Tyson]

The problem with that answer, 579882, is that the author never takes a position about what should or should not be done. While writing down passwords presents the greatest threat to security, is that worse than taking up the sysadmin's time? Just because it is the greatest threat, does that mean it is always a threat? Perhaps it would be okay to write them down, so long as they were kept somewhere secure? We have to be careful about using factual information, such as what this stimulus presented, and drawing conclusions about opinions like what should or should not happen or what is good or bad. That's the trap in answer A, and we must not fall for it.

[mikewazowski]

Hi,

I didn't think any of the answers worked, but (C) looked worse than (A) for me. We know that users who forget their passwords contact administrators, isn't that more secure than easy to guess passwords? Further, these difficult passwords are 'generally' written down, so some easy to guess passwords could very well pose less of a threat than the difficult to remember ones, if there are some people who have a secure password but don't write it down. I'm not sure if I'm not understanding the word 'generally' (or 'most' for that matter). Or am I not understanding the word 'less'? Are we comparing degree of threat or frequency of threat? Is the answer choice saying: the risk that all easy password pose < the risk that some difficult passwords pose by writing them down? I'm confused in 'general'

Thanks

[Paul Marsh]

Mike Wazowski! Big fan.

"Generally" doesn't really have a specific or strong definition on the LSAT; don't get hung up on it. It roughly means "usually" or "in most cases". I'd say the word "generally" here is sort of a throwaway, and doesn't really impact the meaning of the stimulus much. Answer Choice C is an inference that mainly comes from this portion of the stimulus: "passwords that are very difficult to remember are generally written down by users, and hence pose the greatest security threat of all". That portion can be simplified down to the inference that: "very difficult to remember passwords pose the greatest security threat of all". Once shortened down to that simple format, Answer Choice C clearly follows since any type of password is apparently less of a security threat than a very difficult to remember one.

Hope that helps!

[cornflakes]

Hi Powerscore,

I was very confused by this one until I diagrammed it out in a pseudo-conditional way. I didn't see this explanation made originally so I felt like I should underscore it for others who found C didn't go down as smooth as they would like.

So the key here is to identify that we're trying to determine relative security threat - one type of password poses less of a security threat than another type. C can be diagrammed in the following way:

Passwords that are easy to guess do pose an acknowledged security threat of some quantity

Passwords that are difficult to remember --> written down by users --> pose the greatest security threat of all (presumably due to them being written down)

In essence, "passwords that are difficult to remember" as presented in the answer choice means a password that poses the greatest security threat of all, so any other type of password will pose less of a security threat.

At first, I thought this answer required an assumption about easy passwords not being written down - which would then make them an equal security threat. The LSAT anticipated that my brain would erroneously go to this place, however, in that the first part of the answer describes just the security threat (easy to guess), not the actually password that led to it, whereas the second part of the answer describes the password.

Easy to guess is not as big a security threat as written down, because written down as the biggest security threat of them all.

[Rachael Wilkenfeld]

Hi Cornflakes,

This one does have some conditionality, but I wouldn't diagram answer choice (C) conditionally. It's a comparative statement. For answer choice (C) they wanted you to notice the term "greatest" in the stimulus, and realize that anything other than the "greatest" has to be less risky. It's similar to when a stimulus says that something is the ONLY way to achieve a result. They want you to know that any other way would not be effective.

Hope that helps!

[caramelcrumble]

I am quite lost here. It seems that everything said before doesn't address the problem of (C), which is in my opinion, that it generalizes "hard passwords" to being the "greatest threat."

It goes hard password -> easy to forget -> waste admin time OR write down and write down (ONLY WRITE DOWN) has the "greatest threat" description attached.

(A) is claiming that because writing it down is the greatest threat, even if you have a hard password, you should not write it down. That makes sense, because writing it down is what creates the greatest threat.

(C) is claiming that hard passwords are a greater threat, and that is based because *some* people will forget, and then *some* people will then write it down. I feel like that is a stretch of a conclusion to make given that you are assuming that this unspecified number of people who have hard passwords and then forget and then write it down poses a greater threat than just having an easy to guess password.

Even if (C) is assumed to be true, i still feel like (A) is a better answer, because again, writing it down is the reason why "greatest threat" is even mentioned. The stimulus didn't say that people wouldn't secure the thing they wrote down or whatever, they claimed that simply writing it down was enough to call it the greatest threat. Therefore Adam Tyson's reply earlier ("Perhaps it would be okay to write them down, so long as they were kept somewhere secure?") doesn't really refute (A) at all because the stimulus doesn't care that other unspecified precautions could be taken when calling it the greatest threat.
If simply writing it down is enough to call it the greatest threat, then users shouldn't write it down.

[Jeff Wren]

Hi caramelcrumble,

This question is definitely tricky, and I sympathize with your frustration.

The key to this question is focusing on the exact wording of the second half of the final sentence in the stimulus.
The stimulus states "Passwords that are very difficult to remember are generally written down by users, and hence pose the greatest security threat of all."

The subject of this clause of the sentence is "passwords that are very difficult to remember," and it is these passwords that "pose the greatest security threat of all." While it is completely true that the "problem" is the fact that these passwords are generally written down by users, according to the sentence, it is the entire group/category of "passwords that are very difficult to remember," that is posing the greatest security threat of all rather than "only" the ones that are written down. In other words, it is the practice of using "passwords that are very difficult to remember," as it is actually being practiced overall that is the greatest security threat. (While it's reasonable to think, hey just don't write down your passwords and the problem would be solved, that's not what the sentence is saying.)

You wrote that:

(C) is claiming that hard passwords are a greater threat, and that is based because *some* people will forget, and then *some* people will then write it down. I feel like that is a stretch of a conclusion to make given that you are assuming that this unspecified number of people who have hard passwords and then forget and then write it down poses a greater threat than just having an easy to guess password.

While I agree that this answer would be a stretch in "the real world," it is not a stretch based on the statements given in the stimulus.

Also note that statements such as "passwords that are very easy to guess pose less of a security threat than passwords that are very difficult to remember" means in general/overall. It does not mean that every password that is easy to guess poses less of a security threat than every password that is very difficult to remember.

One other thing to be aware of is that this answer is counterintuitive to what one would expect in "the real world." In the real world, harder to guess passwords (even if they are written down) are almost certainly safer than easy to guess passwords. The test makers like to use counterintuitive answers, especially in Must Be True questions, because they just "sound" wrong to most people.

As for Answer A, there is no recommendation in the stimulus regarding what computer users should or should not do regarding their passwords. Even though writing passwords down does pose the greatest threat, it doesn't have to be true (i.e. "Must Be True") that computer users should follow this advice. Perhaps there are other considerations than security such as convenience that are outside the scope of the stimulus.