this post was submitted on 20 Aug 2024
592 points (98.8% liked)

Cybersecurity - Memes

1975 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
592
submitted 3 months ago* (last edited 3 months ago) by cron to c/cybersecuritymemes@lemmy.world
 

This practice is not recommended anymore, yet still found in many enterprises.

you are viewing a single comment's thread
view the rest of the comments
[–] GreyEyedGhost@lemmy.ca 7 points 3 months ago

My company changed the policy to increase the time between password changes. To compensate, they increased the required password length.

Neither of these policy changes were communicated to the employees. The expiry time tells you when it arrives (don't tell me you change it before it expires, good for you if you do), but if your new password doesn't meet the policy requirements it doesn't tell you what they are. The support request response indicated the minimum length was three letters longer. The only good thing about this ordeal is that I get paid by the hour.