TrumpetBoards.com
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups

    Password expiry - why?

    Suggestion Box
    4
    7
    373
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jolter last edited by Jolter

      Hi,
      Any particular reason why passwords on this site expire?

      I ask because the current consensus among security experts seems to be that it's a counterproductive practice.

      Microsoft gives a good summary of the arguments:
      https://docs.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide

      Password expiration requirements do more harm than good, because these requirements make users select predictable passwords, composed of sequential words and numbers which are closely related to each other. In these cases, the next password can be predicted based on the previous password. Password expiration requirements offer no containment benefits because cyber criminals almost always use credentials as soon as they compromise them.

      A very good modern way to safeguard our credentials would be to check them against https://haveibeenpwned.com/ or similar service, something even the NIST is now recommending.

      Yamaha YTR-8335G
      Monke Bb trumpet
      Carol Brass flugelhorn
      YTR-6810 piccolo
      Burbank Eb/D
      Various antique cornets & horns in various keys

      1 Reply Last reply Reply Quote 1
      • administrator
        administrator Global Moderator last edited by

        I don't remember enabling that feature. However, your best bet is to sign on using an SSO by Google or Facebook. Then you don't have to worry about passwords at all.

        J 1 Reply Last reply Reply Quote 0
        • J
          Jolter @administrator last edited by

          @administrator Thanks for answering!

          I prefer not to link every online identity together - It's far too easy to get arbitrarily disconnected from your Facebook account. I just don't trust the tech giants like I used to.

          I can live with changing the password once a year (or is it every two years?). Just curious if there was any particular reason for it, but now I know!

          Yamaha YTR-8335G
          Monke Bb trumpet
          Carol Brass flugelhorn
          YTR-6810 piccolo
          Burbank Eb/D
          Various antique cornets & horns in various keys

          Shifty 1 Reply Last reply Reply Quote 0
          • Shifty
            Shifty @Jolter last edited by

            I've been here since we started (March 2019) and have never been asked to change my password. I do stay logged in between sessions (usually).

            Getzen Eterna 700, Eterna 800
            Conn Connstellation 28A, Victor 80A, Connqueror (1903)
            ACB Doubler Flugelhorn

            Dr GO 1 Reply Last reply Reply Quote 0
            • Dr GO
              Dr GO @Shifty last edited by

              @shifty said in Password expiry - why?:

              I've been here since we started (March 2019) and have never been asked to change my password. I do stay logged in between sessions (usually).

              I too have been here without log in problems with the exception of a brief period when a Moderator had unilaterally banned me off of TB out of a fit of rage. That Moderator was later permanently banned when his rage continued onto others here at TB, so in a way, I feel vindicated for that brief time away.

              Allora Pocket Trumpet 2014
              Harrelson Summit 2017
              Kanstul 1526 2012
              Getzen Power Bore 1961
              Getzen Eterna 4-Valve Fulgelhorn 1974
              Martin Committee 1946
              Olds Super Recording 1940
              Olds Recording (LA) 1953
              Olds Recording (Fullerton) 1967
              Olds Ambassador 1965

              administrator 1 Reply Last reply Reply Quote 1
              • administrator
                administrator Global Moderator @Dr GO last edited by

                @dr-go said in Password expiry - why?:

                @shifty said in Password expiry - why?:

                I've been here since we started (March 2019) and have never been asked to change my password. I do stay logged in between sessions (usually).

                I too have been here without log in problems with the exception of a brief period when a Moderator had unilaterally banned me off of TB out of a fit of rage. That Moderator was later permanently banned when his rage continued onto others here at TB, so in a way, I feel vindicated for that brief time away.

                I'm sorry that happened. Glad you're still around.

                For what it's worth, I am the FIRST user and have never changed my password.

                1 Reply Last reply Reply Quote 1
                • administrator
                  administrator Global Moderator last edited by

                  @Jolter or anybody for that matter, if you get locked out I can reset your password. You're always free to create a new account.

                  1 Reply Last reply Reply Quote 0
                  • 1 / 1
                  • First post
                    Last post