My company insists on expiring passwords every 28 days, and prevents reuse of the last 24 passwords. Passwords must be 14+ characters long, with forced minimum complexity requirements. All systems automatically lock or logout after 10 minutes of inactivity, so users are forced to type in their credentials frequently throughout the day.
Yes people suck with creating decent credentials, but it’s the company’s security policies breeding that behavior.
And yet admin, 1234, test, etc. remain the most commonly ‘hacked’ passwords. Your company’s policies may be annoying, but they certainly don’t make you use unsafe passwords.
Same. They also don’t allow password managers and I have multiple systems that don’t use my main password, so I have at least 5-6 work passwords for different systems.
Nobody can remember all that.
So everyone makes the simplest password they can (since it has to be regularly typed in) and writes it down somewhere so they don’t forget it.
It’s not for your security, it’s for the company’s. People suuuuuuuuck when it comes to credentials.
My company insists on expiring passwords every 28 days, and prevents reuse of the last 24 passwords. Passwords must be 14+ characters long, with forced minimum complexity requirements. All systems automatically lock or logout after 10 minutes of inactivity, so users are forced to type in their credentials frequently throughout the day.
Yes people suck with creating decent credentials, but it’s the company’s security policies breeding that behavior.
And yet admin, 1234, test, etc. remain the most commonly ‘hacked’ passwords. Your company’s policies may be annoying, but they certainly don’t make you use unsafe passwords.
I don’t get why people get upset at frequently expiring passwords. It’s not hard: just write it on a postit note and stick it on your monitor.
Same. They also don’t allow password managers and I have multiple systems that don’t use my main password, so I have at least 5-6 work passwords for different systems.
Nobody can remember all that.
So everyone makes the simplest password they can (since it has to be regularly typed in) and writes it down somewhere so they don’t forget it.