this post was submitted on 19 Jun 2025
1 points (100.0% liked)

cybersecurity

14 readers
1 users here now

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

founded 2 years ago
MODERATORS
[email protected]
1
Recently learned NIST doesn't recommends password resets. (zerobytes.monster)
submitted 1 week ago by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 
The original post: /r/cybersecurity by /u/Different-Phone-7654 on 2025-06-18 17:16:33.

NIST SP 800-63B section 5.1.1.2 recommends passwords changes should only be forced if there is evidence of compromise.

Why is password expiration still in practice with this guidance from NIST?

all 1 comments
sorted by: hot top controversial new old