196

16444 readers

1806 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago

MODERATORS

[email protected]

434

Grule policy (lemmy.world)

submitted 1 year ago by [email protected] to c/[email protected]

15 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 47 points 1 year ago (3 children)

Must change every 90 days

It has been 6 years since NIST told companies to stop doing this. And I'd be willing to bet there are more companies still mandating this than ones that don't.

[–] [email protected] 26 points 1 year ago* (last edited 1 year ago)

My old job had that policy. I decided I would not try to remember my passwords. Instead I had I.T. on speed dial and I would just call them daily to change my password to the one I liked. They hated me. I don’t work there anymore. For unrelated reasons. I think.

[–] [email protected] 19 points 1 year ago* (last edited 1 year ago)

I wish I only had to change my passwords every 90 days. That would be a dream.

I'll just have to refer to the unofficial password sticky note that everyone in the office shares containing all the usernames and passwords, and the date on which they were last changed, that was started less than a week after the password change policy.

It's hilariously insecure, but we just can't deal with the password load. It's too much work. We'd sooner be fired if we had to comply with the password policy.

[–] [email protected] 2 points 1 year ago

I'm very glad that my company took the note and only require a password change once a year