Your password has expired
Your password has expired
This practice is not recommended anymore, yet still found in many enterprises.
You're viewing a single thread.
oh i didn't know that, are companies finally realizing that creating and trying to remember new passwords causes more trouble then keeping one really good password?
23 0 ReplyOnly on accounts that have MFA is password rotation no longer recommended.
If the account is non MFA protected password changes are still recommend.
11 5 Replyreally? what's the standard for that? like how often should you be rotating your password?
I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
6 1 ReplyI have over 500 passwords in my password manager. I don’t know what I’d do without it.
6 0 ReplyIt's one of the updated NIST recommendations, I don't recall which one but it specifically calls out no password cycling for MFA protected accounts.
3 1 Reply