this post was submitted on 27 Jul 2023
1478 points (98.2% liked)

Memes

45673 readers
791 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 101 points 1 year ago (34 children)

And despite security recommendations, too many IT depts still force password resets every 90 days...

And people confronted with this change their password from "p@55w0rd!1" to "p@55w0rd@2". Yep extra-secure!

[–] [email protected] 5 points 1 year ago (1 children)

And despite security recommendations, too many IT depts still force password resets every 90 days...

It could be for contractual or for insurance reasons. We have some contracts with government agencies that require it, and our cyberinsurance also does. Even though NIST has been recommending for years to do long passphrase + MFA and no reset unless you suspect compromise.

So yeah, the reason behind this might not be just plain incompetence.

[–] [email protected] 1 points 1 year ago

Doesn't that just mean it's the government agencies and insurance that are incompetent?

load more comments (32 replies)