Frequent reauth doesn't make you more secure


Obligatory video
@nikitonsky She's not wrong. Anguish of the world's people right here.
@nikitonsky this is amazing and she's so right
@nikitonsky Oh I wish she'd be sitting in my #pim lecture. 🤷

@nikitonsky @VioletPixel
Changing your password every 5 minutes doesn’t make you safer. They should stop making you do this.

ThisPasswordThatIsChangedOnceAYear is many orders of magnitude more secure than an 8-character password with special characters, changed monthly.

Also enforcing special characters reduces the potential combinations so if that is known going in, the password is weaker. Recommending them but not enforcing them is the most secure as the attack combos required are massive regardless of actual PW.

Social engineering is the weakest part so we need easier passwords in every regard.

Minimum16NoRules is best. It’s as long as the words. Touch typists can hammer out a 24-character or longer passphrase in seconds that is basically unbreakable by current technology. So unbreakable it would take 10,000 years so an annual password change is conservative.
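The keyspace argument in the reply above, worked through as an added example that is not from any of the posters: it assumes a 95-character printable-ASCII alphabet (33 of them "special") and a constructed guess rate, and shows that requiring at least one special character shrinks the 8-character keyspace while even a lowercase-only 16-character password is far larger.

```python
from math import log2

# Assumed character-class sizes (US keyboard, printable ASCII).
LOWER, UPPER, DIGITS, SPECIAL = 26, 26, 10, 33
FULL_ALPHABET = LOWER + UPPER + DIGITS + SPECIAL  # 95 printable characters


def keyspace_unrestricted(length, alphabet=FULL_ALPHABET):
    """Passwords of exactly `length` characters when every character is allowed."""
    return alphabet ** length


def keyspace_special_required(length, alphabet=FULL_ALPHABET, special=SPECIAL):
    """Passwords of `length` characters that contain at least one special character.

    All strings minus the strings that use no special character at all, so an
    enforced "must contain a special" rule is always a strict subset of the
    unrestricted space: an attacker who knows the rule skips the rest.
    """
    return alphabet ** length - (alphabet - special) ** length


def entropy_bits(space):
    """Bits of entropy for a uniformly chosen password from `space` candidates."""
    return log2(space)


def years_to_exhaust(space, guesses_per_second):
    """Worst-case time to enumerate the whole keyspace at a fixed guess rate."""
    return space / guesses_per_second / (365 * 24 * 3600)


def compare_policies(guesses_per_second=1e11):
    """Compare the two policies from the thread at a constructed guess rate."""
    short_enforced = keyspace_special_required(8)          # 8 chars, special required
    long_free = keyspace_unrestricted(16)                  # 16 chars, no rules
    long_lowercase = keyspace_unrestricted(16, LOWER)      # 16 chars, lowercase only
    return {
        "8_special_required_bits": entropy_bits(short_enforced),
        "16_no_rules_bits": entropy_bits(long_free),
        "16_lowercase_only_bits": entropy_bits(long_lowercase),
        "8_special_required_years": years_to_exhaust(short_enforced, guesses_per_second),
        "16_no_rules_years": years_to_exhaust(long_free, guesses_per_second),
    }
```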

@nikitonsky I've never felt so soothed before in my life by relating to such frustration
@nikitonsky my favorite line: “If authentication is good, then surely more authentication is better, right? Like taking vitamins — one a day is good, so twenty must be great! Except, well, that’s not how anything works.”
@nikitonsky If reauth-ing is necessary it screams "first time wasn't secure!". So why should a second one for the *same* be anything better?!?