...not when you have empty planes being forced to fly due to scheduling rules.

Climate change costs way more than what that would save as manufacturing material.

+5 Funny

+5 Oxymoron

But that's why I said the government doesn't need to mandate any specific policies. They just need to mandate that some organization is set up and produces some reference implementation that's kept up-to-date continuously, and that every site must either use/contribute-to that implementation, or at least follow the latest policies of that implementation.

Hilariously done.

They probably declared it a carcinogen.

China being a dictatorship is completely irrelevant.

Taiwan claims the same territorial waters as China.

But he knows he's dogwhistling to the increasing demographic of rightwing voters who are coming around to believing that.

That's Goodhart's Law in a nutshell: “when a measure becomes a target, it ceases to be a good measure.”

You don't know how legislation works. The government doesn't mandate any specific policies. They just mandate that whatever industry standard is developed must be followed, and the industry standard itself evolves independently of the government.

Only when you stop trying to rewrite history to say that slavery was a good thing, DeSantis.

I said:

As I understand it, password changes is not current best-practice. Thank you for highlighting my point. Best practices are too hard to keep up with manually. It's better if you have reference implementations that removes these out-of-date practices as fast as possible, and have developers use these, instead of having to trust each developer to be properly and timely educated, on top of implementing the new rules correctly.

You should learn to read and carefully consider what has been said, before trying to nitpick with a point that is already accounted for.

As for 2FA, that's a shit solution. You shouldn't have to have a phone just to use websites. We need a better way that's not dependent on a phone that could get lost, or you'd have to change and then you'd have to remember to update every possible website with your phone details.

Plenty of countries now have data protection laws in place that makes companies liable for any data theft.

Password policy is DEFINITELY the government's business, insofar as being part of the data protection laws.

The "lifehack" I've heard some people use is to just use random answers to security questions. There is no reason to actually put your mother's maiden name for the security question of your mother's maiden name. They're not actually going to verify your mother's maiden name. All they'll verify is if they ask you the question and you provide the answer that was recorded.

So your mother's maiden name could be an arbitrarily long phrase that's easy to remember but has no actual content related in any way to your mother's maiden name.

Browsers come with password generators and storage. It shouldn't really be up to the user anymore to generate strong passwords. And I agree that sites should stop preventing strong passwords.