top | item 21788685

(no title)

joyjoyjoy | 6 years ago

"This should not be a surprise, as this supports the NIST's revised recommendations (from June 2017!) that passwords should not expire [0], because it actually leads to less-secure passwords for this exact reason."

THIS. 10 Times This.

Would somebody be so kind to tell this to the eRA Commons website maintainer of the NIH?

And when you are one it, please tell eBay I don't want to change my PW if they think someone else tried to log into my account based on their shitty Tracking metrics. I mostly switched from Amazon to eBay but the constant PW change request really annoy me. I have one plain vanilla browser with no anti track plug-ins only for eBay.

I once send them a message, that I consider their security guy an idiot, told them to forward him my cell phone number and ask him to give me a call to discuss this PW policy. He never called. :-)

discuss

joyjoyjoy|6 years ago

And since we are on it, if I had a wish I would wish a nerd password option for one time passwords based on regular expressions.