This practice is not recommended anymore, yet still found in many enterprises.

  • DeviantOvary@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    3 months ago

    I would need to check (not in charge of it), but I do remember in the fat stack of guidelines we got there was the password policy of 90 days. However, the point still stands that some people have no digital hygiene and will write down and share their passwords in plain text for all to see even if we didn’t enforce password expiry. Though in all honesty, there’s no winning combination when so many don’t truly give a shit about digital security. As long as they can flaunt a certificate.