Any company that still insists on forced password resets and frequent changes needs to learn about Social Engineering and Human Factors.
![](https://yiffit.net/pictrs/image/9cc54c76-0b13-4d34-839e-c02f85ec7adf.jpeg)
![](https://lemmy.world/pictrs/image/2e4870b7-4572-40b9-b469-63d1582317d6.jpeg)
These are the same companies that don't support second factors, only have their app as a second factor, or only SMS second factor. Is it too much to ask for smart card or token (yubikey) support?
You are viewing a single comment
What about when you go and log in tomorrow?
Maintain security by changing passwords every day. Easy.
Best security: change the password every Planck unit of time.
Rotating passkeys are pretty secure.