all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A security team claims they won't allow password changes (at all) because of "security". I am trying to understand the rationale (they have not provided any, just "forbidden by policy").

Add to bookmarks
May 18, 2023, 3:33 p.m. | /u/ildefonso_camargo

cybersecurity www.reddit.com

Hello,

So, yes, as I mention on the subject. I heard of a security team who does not allow password changes because of "policy", and instead users have to use whatever password they provided. I am trying to find \*any\* way in which forbidding password changes completely could improve security, but cannot really think of anything this far.

I have read about not \*requiring\* password changes (unless you reasonably think the password(s) have been compromised) but instead require very strong …

claims cybersecurity forbidden hello password policy security security team team understand yes

Visit resource

More from www.reddit.com / cybersecurity

Is there currently a downturn in hiring? an hour ago | www.reddit.com
cybersecurity downturn hiring
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw an hour ago | www.reddit.com
critical cybersecurity flaw rce +3
OSINT Investigation into the LockBit Leader 2 hours ago | www.reddit.com
cybersecurity investigation leader lockbit +1
LockBit leader unmasked and sanctioned 5 hours ago | www.reddit.com
cybersecurity leader lockbit unmasked
SOC L3 feels like customer service 5 hours ago | www.reddit.com
alert alerts analyst connections +15
Hey cybersecurity peeps, what have you automated? 6 hours ago | www.reddit.com
automate automated boys can +8
Hackers discover how to reprogram NES Tetris from within the game 7 hours ago | www.reddit.com
cybersecurity discover game hackers +1
How can I break into cybersecurity after my IT audit internship? 15 hours ago | www.reddit.com
audit can cybersecurity don +1
It's RSA week, so get ready for some of the dumbest cybersec shit to be … 18 hours ago | www.reddit.com
business ciso cybersec cybersecurity +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Incident Response Lead

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

GRC Analyst

@ Chubb | Malaysia
View on infosec-jobs.com

Information Security Manager

@ Walbec Group | Waukesha, WI, United States
View on infosec-jobs.com

Senior Executive / Manager, Security Ops (TSSQ)

@ SMRT Corporation Ltd | Singapore, SG
View on infosec-jobs.com

Senior Engineer, Cybersecurity

@ Sonova Group | Valencia (CA), United States
View on infosec-jobs.com

Consultant (Multiple Positions Available)

@ Atos | Plano, TX, US, 75093
View on infosec-jobs.com
View more jobs