all InfoSec news
A security team claims they won't allow password changes (at all) because of "security". I am trying to understand the rationale (they have not provided any, just "forbidden by policy").
May 18, 2023, 3:33 p.m. | /u/ildefonso_camargo
cybersecurity www.reddit.com
So, yes, as I mention on the subject. I heard of a security team who does not allow password changes because of "policy", and instead users have to use whatever password they provided. I am trying to find \*any\* way in which forbidding password changes completely could improve security, but cannot really think of anything this far.
I have read about not \*requiring\* password changes (unless you reasonably think the password(s) have been compromised) but instead require very strong …
claims cybersecurity forbidden hello password policy security security team team understand yes
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Incident Response Lead
@ Blue Yonder | Hyderabad
GRC Analyst
@ Chubb | Malaysia
Information Security Manager
@ Walbec Group | Waukesha, WI, United States
Senior Executive / Manager, Security Ops (TSSQ)
@ SMRT Corporation Ltd | Singapore, SG
Senior Engineer, Cybersecurity
@ Sonova Group | Valencia (CA), United States
Consultant (Multiple Positions Available)
@ Atos | Plano, TX, US, 75093