I have approximately 12 different passwords to remember for work, all with separate requirements, the longest of which lasts 3 months. I work in a kitchen. Is someone going to steal my password in order to…monitor the temperature and humidity of our dry storage? Unlikely. Sometimes, password requirements and constant changing, while a “best practice,” leads to a larger headache than the actual risk.
Don’t believe anyone who says constant changing of passwords is “best practice,” it’s not. The constant changing typically leads to less secure passwords and practices by end users.
I have approximately 12 different passwords to remember for work, all with separate requirements, the longest of which lasts 3 months. I work in a kitchen. Is someone going to steal my password in order to…monitor the temperature and humidity of our dry storage? Unlikely. Sometimes, password requirements and constant changing, while a “best practice,” leads to a larger headache than the actual risk.
Don’t believe anyone who says constant changing of passwords is “best practice,” it’s not. The constant changing typically leads to less secure passwords and practices by end users.
It’s discouraged by NIST now too. Basically the only requirement is that you have some sort of policy in place.