this post was submitted on 20 Aug 2024
592 points (98.8% liked)

Cybersecurity - Memes

1975 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
592
submitted 3 months ago* (last edited 3 months ago) by cron to c/cybersecuritymemes@lemmy.world
 

This practice is not recommended anymore, yet still found in many enterprises.

you are viewing a single comment's thread
view the rest of the comments
[–] ITGuyLevi@programming.dev 1 points 3 months ago (1 children)

Have you considered scripting it? For a while I worked at a place that required changing passwords every 60 days and it couldn't have been one of your previous 24 passwords. When checking out the policy I noticed there was no minimum password age so a quick for loop later and Bob becomes your mother's brother. Quickly cycling through 24 random passwords and back to my secure one and no more just adding the month/year.

Of course I reported it to cyber and about a year later they added a minimum age, now I'm hoping to get them to address an issue in AD that sidesteps changing passwords (though that one may be around for a while).

[–] ObsidianZed@lemmy.world 2 points 3 months ago (1 children)

Unfortunately I don't think that's possible for my situation. Most of my passwords require logging into a portal and accepting terms of agreements.

[–] ITGuyLevi@programming.dev 1 points 3 months ago (1 children)

Yeah, future me wonders why I even suggested it, I'm sure it probably violates the spirit of password change requirements.

[–] ObsidianZed@lemmy.world 2 points 3 months ago

I mean it's a clever solution for those without password manages. Plus most of the suggestions in these comments violate the spirit of password change requirements.