submitted 4 weeks ago* (last edited 4 weeks ago) by cron@feddit.org to c/cybersecuritymemes@lemmy.world

This practice is not recommended anymore, yet still found in many enterprises.

[-] muntedcrocodile@lemm.ee 42 points 4 weeks ago

Isn't this just bad practice?

[-] fishpen0@lemmy.world 60 points 4 weeks ago* (last edited 4 weeks ago)

Yes. It’s such a bad practice the fucking White House released an official memo (M-22-09) telling people to stop doing it as part of executive order EO-14028 (federal zero trust strategy). It applies as a rule to all government and military entities and therefore has been carved out in exceptions for FedRAMP and other compliance frameworks. Stop forcing people to change their fucking passwords.

https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf

[-] cron@feddit.org 24 points 4 weeks ago

Microsoft has recommended against it since 2019. But apparently, it is still a thing.

[-] dditty@lemm.ee 1 points 4 weeks ago

The company I work for requires annual password changes because it is stipulated by our Cybersecurity insurance provider.

this post was submitted on 20 Aug 2024
600 points (98.9% liked)
