Best approach I've ever seen:
Default password (set by admin if it expired or was forgotten): Corpname123
Forced change every month. So in January it was 01Corpname123, in Feb 02Corpname123, ...
Breaking #itsecurity by bad policy.
49% of workers, when forced to update their password, reuse the same one with just a minor changehttps://www.grahamcluley.com/49-of-workers-when-forced-to-update-their-password-reuse-the-same-one-with-just-a-minor-change/ …
-
-
-
Shakes head before hitting it against brick wall.
Kraj razgovora
Novi razgovor -
-
-
The other 51% lied.
-
Winter2019! Spring2020$ ^Only two characters reused
Kraj razgovora
Novi razgovor -
-
-
Maybe we should try to build human-centered systems that do not demand the cognitively impossible?
-
Good idea, that's still an open challenge. Any ideas are appreciated :-)
- Još 3 druga odgovora
Novi razgovor -
-
-
Corporate policy was to force a password change on the 1st of every month. System prevented anyone reusing a previous password. No one allowed to write the password down. How to remember... how to remember...? January2019, February2019, March2019...
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Of course we do, because out current password policies are bad, and thus predicate coping mechanisms.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
I don't believe that 51% of users make major changes to passwords when forced to change. I think people regularly tell pollsters what they think is the right answer...maybe even what they plan to do.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Yup I do this.
-
Because changing passwords every 30 days when there is no compromise is ridiculous.
Kraj razgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.