Eh, I think they should nag users to change their password proportional to how “strong” their password is. If you’re barely meeting the minimum: reset every few months. If you’re using a proper passphrase dozens of characters long: only reset if there’s evidence of compromise.
Eh, I think they should nag users to change their password proportional to how “strong” their password is. If you’re barely meeting the minimum: reset every few months. If you’re using a proper passphrase dozens of characters long: only reset if there’s evidence of compromise.