13 security myths collected by Ellen Messmer:
Myth #3 “Regular expiration (typically every 90 days) strengthens password systems”
Ari Juels, chief scientist, RSA: “In fact, recent research suggests that regular password expiration may not be useful,” and that if an organization is going to expire passwords, “it should do so on a random schedule, not a fixed one.”
(Via www.networkworld.com)
No comments:
Post a Comment