Any company that still insists on forced password resets and frequent changes needs to learn about Social Engineering and Human Factors.
These are the same companies that don't support second factors, only have their app as a second factor, or only SMS second factor. Is it too much to ask for smart card or token (yubikey) support?
You are viewing a single comment
BasePassword + today's date reporting for duty.
What about when you go and log in tomorrow?
Maintain security by changing passwords every day. Easy.
Best security: change the password every Planck unit of time.
Rotating passkeys are pretty secure.