Comment on No, Steam wasn’t hacked, and your account details are safe
nokturne213@sopuli.xyz 1 month agoA long, strong, unique password is better than frequent password changes.
Comment on No, Steam wasn’t hacked, and your account details are safe
nokturne213@sopuli.xyz 1 month agoA long, strong, unique password is better than frequent password changes.
sirico@feddit.uk 1 month ago
Why not both? My main argument was that while some seem to be saying that the outcry wasn’t justified, it probably made many people have a closer look at their security.
scops@reddthat.com 1 month ago
I believe the main concern for periodic password changes is that most people won’t take the time to generate unique passwords each time. They will typically iterate a password over time, meaning a couple leaked passwords will narrow down guesswork to a trivial number of guesses and remove the benefit of the timed changes.
NIST no longer recommends password expirations except for cases where it is believed that a breach occurred.
JustAnotherKay@lemmy.world 1 month ago
The other issue with periodic password changes, particularly in the workplace but also relevant in normal life, is that it causes people to write down their password. The issues with that should be glaring enough
ripcord@lemmy.world 1 month ago
What if they write it down in a single, centralizedz password manager? Which itself could be compromised?
That’s the only way I can keep the literally 100 accounts ive accumulated over the years straight, without reusing passwords.
And while I believe that is reasonably secure in my case, if that got compromised I’d be pretty screwed (well, 2fa would probably still limit the worst of it). But most people probably wouldn’t even be that secure about it.