this post was submitted on 20 Aug 2024
600 points (98.9% liked)
Cybersecurity - Memes
1964 readers
2 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Isnt this just bad practice?
Yes. It’s such a bad practice the fucking White House released an official memo (M-22-09) telling people to stop doing it as part of executive order EO-14028 (federal zero trust strategy). It applies as a rule to all government and military entities and therefore has been carved out in exceptions for FedRAMP and other compliance frameworks. Stop forcing people to change their fucking passwords.
https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf
Ye this
Microsoft recommends against it since 2019. But apparently, it is still a thing.
The company I work for requires annual password changes because it is stipulated by our Cybersecurity insurance provider.