This practice is not recommended anymore, yet still found in many enterprises.
oh i didn't know that, are companies finally realizing that creating and trying to remember new passwords causes more trouble then keeping one really good password?
Only on accounts that have MFA is password rotation no longer recommended.
If the account is non MFA protected password changes are still recommend.
really? what's the standard for that? like how often should you be rotating your password?
I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
I have over 500 passwords in my password manager. I don’t know what I’d do without it.
It's one of the updated NIST recommendations, I don't recall which one but it specifically calls out no password cycling for MFA protected accounts.
Only the hottest memes in Cybersecurity
oh i didn't know that, are companies finally realizing that creating and trying to remember new passwords causes more trouble then keeping one really good password?
Only on accounts that have MFA is password rotation no longer recommended.
If the account is non MFA protected password changes are still recommend.
really? what's the standard for that? like how often should you be rotating your password?
I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
I have over 500 passwords in my password manager. I don’t know what I’d do without it.
It's one of the updated NIST recommendations, I don't recall which one but it specifically calls out no password cycling for MFA protected accounts.