cron@feddit.org to Cybersecurity - Memes@lemmy.worldEnglish · edit-24 months agoYour password has expiredfeddit.orgexternal-linkmessage-square85fedilinkarrow-up1607arrow-down17file-text
arrow-up1600arrow-down1external-linkYour password has expiredfeddit.orgcron@feddit.org to Cybersecurity - Memes@lemmy.worldEnglish · edit-24 months agomessage-square85fedilinkfile-text
minus-squareslazer2au@lemmy.worldlinkfedilinkEnglisharrow-up11arrow-down5·4 months agoOnly on accounts that have MFA is password rotation no longer recommended. If the account is non MFA protected password changes are still recommend.
minus-squareVaryk@sh.itjust.workslinkfedilinkarrow-up6arrow-down1·edit-24 months agoreally? what’s the standard for that? like how often should you be rotating your password? I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
minus-squareskittlebrau@lemmy.worldlinkfedilinkarrow-up6·4 months agoI have over 500 passwords in my password manager. I don’t know what I’d do without it.
minus-squareslazer2au@lemmy.worldlinkfedilinkEnglisharrow-up3arrow-down1·4 months agoIt’s one of the updated NIST recommendations, I don’t recall which one but it specifically calls out no password cycling for MFA protected accounts.
Only on accounts that have MFA is password rotation no longer recommended.
If the account is non MFA protected password changes are still recommend.
really? what’s the standard for that? like how often should you be rotating your password?
I assumed many people forget their new passwords (because I often do) and become compromised than are protected by continually rotating passwords.
I have over 500 passwords in my password manager. I don’t know what I’d do without it.
It’s one of the updated NIST recommendations, I don’t recall which one but it specifically calls out no password cycling for MFA protected accounts.