You assume the person would never change the password. Someone with that long password is probably security concerned and is likely to change it after some time, even if its once in a year.
Why is changing passwords bad practice? What is the reasoning behind this? Changing passwords is highly recommended. There are many reasons why one should do this. Found this article: https://www.linkedin.com/pulse/why-passwords-must-periodically-changed-roger-grimes and don’t agree. The argumentation seems like if you have to remember all passwords, but totally ignores password managers.
NIST used to tell orgs to require password rotation. Some years ago they changed their recommendation with an explanation that it adds not security benefits while it encourages users to write down or use shittier passwords.
You assume the person would never change the password. Someone with that long password is probably security concerned and is likely to change it after some time, even if its once in a year.
Yeah but you’d have to write it across like, 10 post-it notes along the top of your monitor. That’d get expensive!
Or just use a password manager. Then you only need to store one password across 15 post-it notes.
NIST does not recommend changing passwords. Its usually a bad practice
Why is changing passwords bad practice? What is the reasoning behind this? Changing passwords is highly recommended. There are many reasons why one should do this. Found this article: https://www.linkedin.com/pulse/why-passwords-must-periodically-changed-roger-grimes and don’t agree. The argumentation seems like if you have to remember all passwords, but totally ignores password managers.
NIST used to tell orgs to require password rotation. Some years ago they changed their recommendation with an explanation that it adds not security benefits while it encourages users to write down or use shittier passwords.