Forcing people to change their passwords is officially a bad idea
A US standards agency has issued new guidance saying organisations shouldn’t require users to change their passwords periodically – advice that is backed up by decades of research
What's Your Reaction?