If you make people change their password every couple of weeks, doesn’t that lead to a security problem?
They’re likely to choose the name of their partner/home village/pet/themselves plus a number, e.g.
Pete1
Pete2
Pete3
and so on
If they are forced to bring some variety into it, i.e. not using words they’ve used before, they’re likely to write their password down, because they have to remember passwords for PC’s at home and work, passwords for apps, codes for stupid time reporting systems (that's another rant I've done earliler), pin numbers for their bank cards etc. The act of writing down the password is in itself another security risk.
I can understand the need to change passwords from time to time, but surely once every two weeks is overdoing it and actually lessening security?
They’re likely to choose the name of their partner/home village/pet/themselves plus a number, e.g.
Pete1
Pete2
Pete3
and so on
If they are forced to bring some variety into it, i.e. not using words they’ve used before, they’re likely to write their password down, because they have to remember passwords for PC’s at home and work, passwords for apps, codes for stupid time reporting systems (that's another rant I've done earliler), pin numbers for their bank cards etc. The act of writing down the password is in itself another security risk.
I can understand the need to change passwords from time to time, but surely once every two weeks is overdoing it and actually lessening security?
Comment