Beginners and Beyond

1234

Beat the heavy rain ThursdayDailes (Read 22 times)

sdWhiskers


     once a device is flagged as being yours, you enter your password only once every thirty days on that device

     

    I like this. Although I would probably forget the pw if its used only once in 30 days!

     

    Instead, we have ridiculously long pw that need to be changed often and basically every program I use at work is set to "time out' waaaaaay too soon. So the end result is people write their pw on a paper next to the computer 

    Cyberic


       

      I like this. Although I would probably forget the pw if its used only once in 30 days!

       

      Instead, we have ridiculously long pw that need to be changed often and basically every program I use at work is set to "time out' waaaaaay too soon. So the end result is people write their pw on a paper next to the computer 

       

      Exactly.

      And if you're intelligent IT, once you implement measures like I said, you don't make people change their password every day, but every year. On the flip side, there are password rules that make it impossible to just increment by 1, or use GoBradyGo2021! or Summer2021! and stuff like that.

       

      The end result is better security, and personnel that is not pissed off, and therefore is not looking for workarounds.

       

      But honestly, most IT security don't think like me, and simply add rules without thinking of the user experience. Even in my company, not everyone think like me, and I have to change my PW every 90 days too. But I'm slowly convincing everybody that what I'm preaching is better.

      1234