29 April 2019

Microsoft says expiring passwords are no longer secure


Microsoft will scrap its archaic password expiration policies in the upcoming Windows 10 May 2019 update to encourage organisations to implement more contemporary and effective security measures.

The update will apply to Windows 10 version 1903 and Windows Server version 1903 and to replace the time-based periodic password expirations, organisations should set up.

The company explained that if customers are required to change their password regularly, they are more likely to write down the passwords so they don't forget them and this could mean that others can quite easily get their hands on them, increasing the likelihood of them being stolen.

Microsoft also noted that if people are asked to change their passwords often, they probably will only make very small changes and thus they won't be particularly secure. They are also more likely to forget their passwords and will have to reset them, affecting user experience and loyalty.


No comments:

Post a Comment