Passwords should never expire: https://www.sans.org/security-awareness-training/blog/time-password-expiration-die Passwords should not be changed often: https://www.schneier.com/blog/archives/2016/08/frequent_passwo.html Password “complexity” is – mostly – a joke: https://www.xkcd.com/936 You have been breached: https://blog.augustschell.com/passwords-passphrases-complexity-length-crackability-memorability-data-breaches Passphrases are better than passwords – and https://password.ga will generate them for you (it will also generate random passwords that pass complexity requirements) Use a password manager of some …
Continue reading a semi-permanent psa on passwords
Tag:passphrase
on entropy, password/passphrase complexity, and if you’ve been part of a data breach (spoiler alert: you have)
I wrote an article on passwords, passphrases, entropy, and data breaches for my employer’s blog: https://augustschell.com/passwords-passphrases-complexity-length-crackability-memorability-data-breaches