cron@feddit.org to Cybersecurity - Memes@lemmy.worldEnglish · 1 year agoYour password has expiredfeddit.orgimagemessage-square82linkfedilinkarrow-up1607arrow-down17file-text
arrow-up1600arrow-down1imageYour password has expiredfeddit.orgcron@feddit.org to Cybersecurity - Memes@lemmy.worldEnglish · 1 year agomessage-square82linkfedilinkfile-text
minus-squareslazer2au@lemmy.worldlinkfedilinkEnglisharrow-up11arrow-down5·1 year agoOnly on accounts that have MFA is password rotation no longer recommended. If the account is non MFA protected password changes are still recommend.
minus-squareVaryk@sh.itjust.workslinkfedilinkarrow-up6arrow-down1·edit-21 year agoreally? what’s the standard for that? like how often should you be rotating your password? I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
minus-squareicallthebigonebitey@lemmy.worldlinkfedilinkarrow-up6·1 year agoI have over 500 passwords in my password manager. I don’t know what I’d do without it.
minus-squareslazer2au@lemmy.worldlinkfedilinkEnglisharrow-up3arrow-down1·1 year agoIt’s one of the updated NIST recommendations, I don’t recall which one but it specifically calls out no password cycling for MFA protected accounts.
Only on accounts that have MFA is password rotation no longer recommended.
If the account is non MFA protected password changes are still recommend.
really? what’s the standard for that? like how often should you be rotating your password?
I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
I have over 500 passwords in my password manager. I don’t know what I’d do without it.
It’s one of the updated NIST recommendations, I don’t recall which one but it specifically calls out no password cycling for MFA protected accounts.