this post was submitted on 24 Jul 2023
1011 points (99.8% liked)

Programmer Humor

32495 readers
488 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] vzq@lemmy.blahaj.zone 9 points 1 year ago* (last edited 1 year ago)

NIST removed password expiration from their recommendations in 2020. Instead they recommend only forcing password changes when compromise is suspected.

The main argument is that they do not make users or systems demonstrably safer and encourage bad password habits.