Email or username:

Password:

Forgot your password?
Top-level
Aleen (she/her)

@jsnell it's also creating alert fatigue--it's not going to take long for users to just allow everything all the time.

5 comments
Dan Ryan :dryan:

@jsnell @aleen yup. This is an anti pattern like requiring regular password changes. Net negative for user security.

Dr Sarah Hendrica Bickerton

@jsnell @aleen Yup, we saw the same thing with that period where everyone was required to regularly change their passwords by their companies ... it didn't result in greater security, it actually created less security because people were creating simpler easier passwords.

Jolle

@sarahhbickerton @jsnell @aleen “That period”? Is right now. Both my employer and our client is requesting that I change password every three months…
I hate it!

David Crooks 🏳️‍🌈🏳️‍⚧️

@aleen @jsnell I’d already replied to Jason about this, but - this is a very common operational issue that we deal with (I do security for big research infrastructures) - if the monitoring is always red then it’s telling you precisely nothing.

Go Up