It's a cruel system - eviltoast
  • Cypher@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    15 hours ago

    Forcing password changes too frequently is actually a security risk, as it encourages bad practices like re-use, iteration, keyboard walks and writing the passwords down.

    There are reasonable limits to impose on this, and educating users with demonstrations such as haveibeenpwned have been highly effective in my experience.