this post was submitted on 20 Aug 2024
599 points (98.9% liked)

Cybersecurity - Memes

1977 readers
2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
599
submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]
 

This practice is not recommended anymore, yet still found in many enterprises.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 3 months ago* (last edited 3 months ago)

No joke, my father used to have to do this. I set him up with a solid pw via pw mgr and then we found out that it had to be changed every 60d. He was going to just generate a new one but I was concerned that he'd screw it up and need help resetting the pw every time, so I was like "...just had 1 to the end, and do the same in the mgr; next time 2, then 3...".

He got to like 8 before (it appears, he stopped complaining about it) they dropped the policy. I just know that every other employee (these are not tech positions whatsoever) just resorted to "password1" and IT realized how fucking stupid that is.

Oh and it retains your last like 5 passwords, so you can't do "password1" "password2" "password1". Brilliant.