@[email protected] to Cybersecurity - [email protected]English • edit-230 days agoYour password has expiredfeddit.orgimagemessage-square86fedilinkarrow-up1606arrow-down16file-text
arrow-up1600arrow-down1imageYour password has expiredfeddit.org@[email protected] to Cybersecurity - [email protected]English • edit-230 days agomessage-square86fedilinkfile-text
minus-square@[email protected]linkfedilink23•edit-230 days agooh i didn’t know that, are companies finally realizing that creating and trying to remember new passwords causes more trouble then keeping one really good password?
minus-squareslazer2aulinkfedilinkEnglish6•30 days agoOnly on accounts that have MFA is password rotation no longer recommended. If the account is non MFA protected password changes are still recommend.
minus-square@[email protected]linkfedilink5•edit-230 days agoreally? what’s the standard for that? like how often should you be rotating your password? I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
minus-square@[email protected]linkfedilink6•30 days agoI have over 500 passwords in my password manager. I don’t know what I’d do without it.
minus-squareslazer2aulinkfedilinkEnglish2•30 days agoIt’s one of the updated NIST recommendations, I don’t recall which one but it specifically calls out no password cycling for MFA protected accounts.
oh i didn’t know that, are companies finally realizing that creating and trying to remember new passwords causes more trouble then keeping one really good password?
Only on accounts that have MFA is password rotation no longer recommended.
If the account is non MFA protected password changes are still recommend.
really? what’s the standard for that? like how often should you be rotating your password?
I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
I have over 500 passwords in my password manager. I don’t know what I’d do without it.
It’s one of the updated NIST recommendations, I don’t recall which one but it specifically calls out no password cycling for MFA protected accounts.