Viking_Hippie@lemmy.dbzer0.com to Mildly Infuriating@lemmy.worldEnglish · edit-214 hours agoThe inner fire of my hatred COULD melt steam beamslemmy.dbzer0.comimagemessage-square47fedilinkarrow-up1461arrow-down112file-textcross-posted to: memes@sopuli.xyz
arrow-up1449arrow-down1imageThe inner fire of my hatred COULD melt steam beamslemmy.dbzer0.comViking_Hippie@lemmy.dbzer0.com to Mildly Infuriating@lemmy.worldEnglish · edit-214 hours agomessage-square47fedilinkfile-textcross-posted to: memes@sopuli.xyz
minus-squareozymandias117@lemmy.worldlinkfedilinkEnglisharrow-up2·9 hours agoNIST’s official password guidelines state you should not have password expiry unless there is evidence of a compromise
minus-squareNewsteinleo@midwest.sociallinkfedilinkEnglisharrow-up1·2 hours agoThat’s because they only read 800-63B and skip the other three documents.
minus-squareozymandias117@lemmy.worldlinkfedilinkEnglisharrow-up1·8 hours agoThe majority of accounts I have don’t have an expiry I wouldn’t trust personal data with anything that does - they certainly don’t have any security professionals on staff
minus-squarebitchkat@lemmy.worldlinkfedilinkEnglisharrow-up1·5 hours agoEvery job I’ve had in the past 10 years makes us reset passwords periodically
minus-squareNewsteinleo@midwest.sociallinkfedilinkEnglisharrow-up1·2 hours agoMy last employer did not, life was so much better after the policy change. Although my director lost track of how long he had worked there because he stopped incrementing his password every three months.
NIST’s official password guidelines state you should not have password expiry unless there is evidence of a compromise
And no one listens to that.
That’s because they only read 800-63B and skip the other three documents.
The majority of accounts I have don’t have an expiry
I wouldn’t trust personal data with anything that does - they certainly don’t have any security professionals on staff
Every job I’ve had in the past 10 years makes us reset passwords periodically
My last employer did not, life was so much better after the policy change. Although my director lost track of how long he had worked there because he stopped incrementing his password every three months.