User Profile
ExecuServices
Newbie Caller
Joined 5 years ago
User Widgets
Contribuciones
Re: Forced to reset my password
From 2016:https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes We have known for a while now that password resets are ineffective and even less secure, especially since many users will write down the password, store it on their phone, or like I see at the office ALL the time, just put their password right on a post it note on their desktop, for co-workers, utility guys and janitors to enjoy. Not to mention the social media posts. I went through my friends pictures and about half of them had shots at their desk or with their laptop with at least a partially visible password. You are really making social engineering easier with this.5Visto3likes0ComentariosRe: Forced Password Change
This isnt about the security team being lazy, this is more about the security team being bad at what they do. It has been shown over and over that forcing password changes is LESS secure. For anyone that wants to hack someones TMobile account, it is really easy, all you need to do is get access to their desks or wherever they store their passwords for accounts like this. Usually a post it note on their desk. If you are lucky you can get it from a selfie at their desk with it accidentally in the background.4Visto3likes0Comentarios