|
|
|
|
|
|
by Eun
3612 days ago
|
|
|
True in some points. Password rotation is bad. But isn't it better to rotate a bad password than keeping a bad password? Furthermore if you have a internal system, the administrator should enforce certainly password conditions.
They could even forbid the use of old passwords... |
|
|
If the current password is in the table, how long it has been in use doesn't matter.
Rotating passwords mostly addresses an internal workplace issue of sharing passwords between coworkers. That's a symptom of security culture problems and probably more deeply operational organization problems => why don't people have access to the tools they need when they need them?