151

Any company that still insists on forced password resets and frequent changes needs to learn about Social Engineering and Human Factors. (yiffit.net)

submitted 9 months ago by l_b_i@yiffit.net to c/casualconversation@lemmy.world

61 comments fedilink hide all child comments

These are the same companies that don't support second factors, only have their app as a second factor, or only SMS second factor. Is it too much to ask for smart card or token (yubikey) support?

you are viewing a single comment's thread
view the rest of the comments

[-] henfredemars@infosec.pub 8 points 9 months ago

BasePassword + today's date reporting for duty.

[-] l_b_i@yiffit.net 3 points 9 months ago

What about when you go and log in tomorrow?

[-] AcornCarnage@lemmy.world 19 points 9 months ago

Maintain security by changing passwords every day. Easy.

[-] Nougat@kbin.social 1 points 9 months ago

Best security: change the password every Planck unit of time.

[-] PlatinumSf@pawb.social 1 points 9 months ago

Rotating passkeys are pretty secure.

this post was submitted on 06 Dec 2023

151 points (96.9% liked)

[Outdated, please look at pinned post] Casual Conversation

6470 readers

1 users here now

Share a story, ask a question, or start a conversation about (almost) anything you desire. Maybe you'll make some friends in the process.

RULES

Be respectful: no harassment, hate speech, bigotry, and/or trolling
Encourage conversation in your post
Avoid controversial topics such as politics or societal debates
Keep it clean and SFW: No illegal content or anything gross and inappropriate
No solicitation such as ads, promotional content, spam, surveys etc.
Respect privacy: Don’t ask for or share any personal information

Related discussion-focused communities

founded 1 year ago

MODERATORS

Mysterious_Macaxeira@lemmy.world

shinigamiookamiryuu@lemm.ee

Bl4ze@lemmy.world

KaneLivesInDeath@lemmy.world

orangeNgreen@lemmy.world

neidu2@feddit.nl