Why you shouldn't force regular password expiry

AdviceCyber Security
Written By James Kimbley

Regular password expiry is a common requirement in many security policies. However, in the Password Guidance published in 2015, we explicitly advised against it. This article explains why we made this (for many) unexpected recommendation, and why we think it’s the right way forward.

Continue reading at the NCSC website.

James Kimbley
I am the founder of Kimbley IT.
www.kimbley.com
Previous

Connecting Cloud services is incredibly easy – and useful. But do you really know what you are agreeing to?
Next

How Inform Accounting uses Cloud Services tied with IT Support to improve the service they offer clients.