User: Password:
Subscribe / Log in / New account

Forcing updates

Forcing updates

Posted Feb 12, 2009 12:25 UTC (Thu) by flewellyn (subscriber, #5047)
In reply to: Forcing updates by pcampe
Parent article: Forcing updates

Frequent password changes don't necessarily enhance security. In fact, they can be a detriment, because if you have to change your password often, it means you have to remember a new one, and this can lead to either using easier-to-remember passwords based on dictionary words (bad), or writing passwords down and taping them to your monitor (also bad).

Far better, I think, to insist on users having a good, solid, secure password that is not easy to predict, and then keeping it safe and in place for as long as it's secure. Or creating an environment in which fewer passwords are necessary, using things like cryptographic keys and such.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds