Microsoft admits that expiring password rules are useless




Ever had to change your password for no reason?


Before, it was annoying. Now, it's useless.

Microsoft has admitted that one of the great scourges of our time, the password reset rule, is a deception.

"When humans are assigned or forced to create hard-to-remember passwords, they write them too often where others can see them," Microsoft's Aaron Margosis wrote in a blog post Wednesday. Worse, wrote Margosis, when people are forced to change their passwords, they too often make a "small predictable change to their existing password", or else they forget it. (Duh.)

The blog post presents a broader set of "baseline" security settings that Microsoft plans to recommend to companies using its computer management software. Think of them as defaults of a kind.

Unfortunately, Microsoft is not simply removing the password reset feature, which would be the humane thing to do. In the end, it will still be up to your company's technical team to listen to reason or continue to live in the stone age of security.

It should be noted that Microsoft is not changing its guidelines for creating passwords. In fact, the company recommends that companies ban more and more bad passwords and require employees to use multifactor authentication. (At CNET, we are also fans of password managers.)

But don't get me wrong: Microsoft, whose Windows software powers nearly 80% of the world's computers, has finally come around. "The periodic expiration of the password is an old and obsolete mitigation measure of very low value," Margosis wrote.
