User Profile
torqued
Newbie Caller
Joined 6 years ago
User Widgets
Contribuciones
Re: Forced to reset my password
Allow me to point you to several sources over the last few years on why frequent password changes are bad: Time to rethink mandatory password changes | Federal Trade Commission From NIST - the United State National Institute for Standards and Technology. Q-B5: Is password expiration no longer recommended? A research paper from University of Maryland on why bits of entropy in a password matter more than rules like At least one uppercase letter, one lowercase letter, a number, and a symbol. http://www.cs.umd.edu/~jkatz/security/downloads/passwords_revealed-weir.pdf I think I'll believe the security experts over T-Mobile's security decisions.5Visto7likes0ComentariosRe: Forced to reset my password
T-mobile is way behind the times on this. It used to be best practice to change your password every few months to prevent someone from being able to repeatedly try to log in as you, with a new password guess each time. Now, it's considered significantly more risky to force a password change frequently because it increases the risk that people will write the password down somewhere like a notepad near the keyboard or a stickynote in the wallet. Unfortunately, T-Mobile's idea of security is to irritate enough customers that they leave for other providers, thus reducing their risk.5Visto5likes0Comentarios