Comment Re:"Force"? (Score 1) 429
Concur 100%
I worked at a place which enforced a password change every 90 days. They also tried to make it difficult to reuse passwords by keeping a password history of 12 entries.
My solution to handle the situation was to come up with a simple algorithm to enumerate passwords (baseXY or XbaseY) which were system compliant and easy to remember.
Point is that narrow-sighted policies are leading to insecure implementations. Any workplace which requires the handling of 3 passwords or more is insecure by human nature's inability.
To reduce the number of passwords being used, the companies need to adopt single sign-on strategies for all future, current and legacy applications.
I doubt that will happen anywhere anytime soon.