558
Take your passkey and shove it where the sun don't shine
(lemmy.world)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 28 Feb 2025
558 points (100.0% liked)
memes
12193 readers
1797 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
A collection of some classic Lemmy memes for your enjoyment
Sister communities
- !tenforward@lemmy.world : Star Trek memes, chat and shitposts
- !lemmyshitpost@lemmy.world : Lemmy Shitposts, anything and everything goes.
- !linuxmemes@lemmy.world : Linux themed memes
- !comicstrips@lemmy.world : for those who love comic stories.
founded 2 years ago
MODERATORS
It's not for your security, it's for the company's. People suuuuuuuuck when it comes to credentials.
My company insists on expiring passwords every 28 days, and prevents reuse of the last 24 passwords. Passwords must be 14+ characters long, with forced minimum complexity requirements. All systems automatically lock or logout after 10 minutes of inactivity, so users are forced to type in their credentials frequently throughout the day.
Yes people suck with creating decent credentials, but it's the company's security policies breeding that behavior.
I don't get why people get upset at frequently expiring passwords. It's not hard: just write it on a postit note and stick it on your monitor.
Tell them the NIST recommendations for password frequency changes have been really reduced in recent times because it pushes people into other bad password practices. Among all factors, changing the password frequently is the least important.
Same. They also don't allow password managers and I have multiple systems that don't use my main password, so I have at least 5-6 work passwords for different systems.
Nobody can remember all that.
So everyone makes the simplest password they can (since it has to be regularly typed in) and writes it down somewhere so they don't forget it.
And yet admin, 1234, test, etc. remain the most commonly 'hacked' passwords. Your company's policies may be annoying, but they certainly don't make you use unsafe passwords.