600

submitted 2 months ago* (last edited 2 months ago) by cron@feddit.org to c/cybersecuritymemes@lemmy.world

86 comments fedilink hide all child comments

This practice is not recommended anymore, yet still found in many enterprises.

you are viewing a single comment's thread
view the rest of the comments

[-] esc27@lemmy.world 6 points 2 months ago

Never is too long. Monthly is way to short. I like the idea of doing it yearly in conjunction with other it security awareness and training campaigns.

[-] RecluseRamble@lemmy.dbzer0.com 10 points 2 months ago* (last edited 2 months ago)

Never is too long.

Why? Frequent password changes have been shown to result in weaker passwords. What's wrong with keeping a strong one indefinitely? I mean an actual strong one not one character more than what's currently bruteforceable.

[-] CompN12@lemmy.frozeninferno.xyz -1 points 2 months ago

Forever is vulnerable to phishing attacks, same reason why monthly is getting discouraged. Monthly is weaker because the average person does slight variation, which attackers LOVE.

[-] RecluseRamble@lemmy.dbzer0.com 3 points 2 months ago

Frequent password changes don't protect against phishing.

And while a high frequency like monthly changes will probably result in even weaker passwords, also yearly changes will make people choose weak passwords.

load more comments (1 replies)

load more comments (6 replies)

this post was submitted on 20 Aug 2024

600 points (98.9% liked)

Cybersecurity - Memes

1893 readers

1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Sam1232188@lemmy.fmhy.ml

Alphadef@programming.dev

CannaVet@lemmy.world