Passwords, Complexity, and Policy
Today I had a conversation with several club members on passwords. The most recent NIST recommendations say that having a password expiration policy is not good practice (in other words, new evidence has come to show that what we thought was good practice is not actually good practice). The idea behind rotating passwords was that…