[kube-system]

Not sure I'd call it a 'bad bad practice' for a user to do it voluntarily, but it's unnecessary.

I think the above commenter is thinking about the requirement a user to change a password on a timed basis. There's been a good bit of research done in this area, and the consensus is that it just causes most people to stick a number at the end of their password anyway, making the policy completely worthless at best, but it often leads to people writing their passwords down.

[kaazhan]

Do you have a link to the research you're speaking about ? My company is really about this kind of things and i'm not convinced it's really usefull

[kube-system]

It’s not research, but I would point them at NIST 800-63. These are well thought out standards that the entire US government follows. It would be tough to find a more comprehensive or authoritative source that says otherwise.

https://www.nist.gov/itl/tig/projects/special-publication-80...

[stjohnswarts]

Yeah I think it does more harm than good for sure.