Zorin =^o.o^=May 12, 2023

I really hate password/PIN code expiration. It WORSENS security, because you're forced to remember a new password/PIN and after forgetting it a few times will probably write it down. Or you might be tempted to use an easier to remember and less secure password.

NIST no longer recommends expiring credentials regularly. PLEASE STOP DOING THIS.

Show threadLutruloMay 12, 2023
@zorinlynx Shout-out to my employer that requires password changes every *three months*.
Show threadOtterSparx | ΘΔ 🦦 | ☀️🌒 | 🔜 FWA
@Lutrulo @zorinlynx My current employer also does this, but my previous one required it every single month. It was madness.
May 12, 2023 at 6:19pmWeb