This practice is not recommended anymore, yet is still found in many enterprises.

  • RecluseRamble@lemmy.dbzer0.com
    3 months ago

    Never is too long.

    Why? Frequent password changes have been shown to result in weaker passwords. What’s wrong with keeping a strong one indefinitely? I mean an actual strong one, not one character more than what’s currently bruteforceable.

    • CompN12@lemmy.frozeninferno.xyz
      3 months ago

      Forever is vulnerable to phishing attacks, same reason why monthly is getting discouraged. Monthly is weaker because the average person does slight variations, which attackers LOVE.

      • RecluseRamble@lemmy.dbzer0.com
        3 months ago

        Frequent password changes don’t protect against phishing.

        And while a high frequency like monthly changes will probably result in even weaker passwords, yearly changes will also make people choose weak passwords.