Useless to have password expiration policies, says Microsoft

Tech giant Microsoft has admitted that periodic password expiration rules are not required and make systems more vulnerable to hacking

Microsoft

California: The annoying reminders by the IT team to change your system password are pointless, after all. Tech giant Microsoft has admitted that periodic password expiration rules are not required and make systems more vulnerable to hacking.

In its draft release of security configuration baseline settings for Windows 10, Microsoft proposed dropping the password expiration policies. When humans are forced to reset their passwords, they often write it down where others can see them, or make an obvious alteration to the existing password, making it easier to steal or detect.

Microsoft explained that removing password expiration policies does not mean changing requirements for minimum password length, history, or complexity. It is instead recommended that companies promote good password practice, and use multi-factor authentication.

Catch up on all the latest Crime, National, International and Hatke news here. Also, download the new mid-day Android and iOS apps to get the latest updates

Useless to have password expiration policies, says Microsoft

Related Stories

Tim Cook: Apple sets all-time revenue record in India, to open 4 new stores

AI imagery found lacking in diversity and depth

Rude Awakening

How low can you go?

Meta lays off employees across WhatsApp, Instagram and other divisions

Chilling Choices

Lazy Dribble