Forced password changes are not good security policy

To combat this unintelligent BS I am now starting a list of idiots that do this.

For so long I have read and heard that a GREAT security feature is to force your users to change passwords every so many days/months. Linux even has a built in feature for this.

This is a really stupid idea for many, many reasons. #1 a password is a password is a password. If a hacker can guess one they can guess another. Simply forcing users to change passwords is a false feeling of security.

Another reason it is a piss poor idea is, users usually use another form of their password so they can remember it, which again solves nothing whatsoever.

Another reason this is a stupid idea is people will often forget their password.

Another reason this is a bad idea is because users usually either write their password down or store it in a regular note type program on their phone, more are using password saving software. I once used a password saver, it worked great it saved all my passwords… except for the password to unlock it. I quit using them after that. LOL

You can read more about the treacheries of forced password cycling here.

You will notice others say the same things and more here.

Even Microsoft realizes this is bad idea that should be left in the past.

List of Idiots

#1 Chase

This company is run by total idiots who have not come to the year 2022 yet. Not only do they FORCE you to change your password. THEY JUST EXPIRE IT WITHOUT WARNING So you go to login and it tells you that your login info is wrong. It doesn’t even hint that it has decided it is now magically time to change your password, which is a REALLY BADDDDDDDDDDDDDDDDDDDDDDDDDD OLD  WORN OUT PROVEN WRONG IDEA.

I just want to know what kind of idiot comes up with these highly incompetent ideas? Is it the lead security officer? Who do they hire to make such BAD decisions????


Yeah it is run by the government what else would you expect other than a group operating on 20 year old info. Yay for Government!!!




, , ,



This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: