
Microsoft admits that the password rules are useless


Have you ever had to change your password for no reason?



Before it was annoying. Now it is useless.

Microsoft has admitted that one of our great plagues, the password expiration rule, is bunk.

“When people are assigned or forced to create passwords that are hard to remember, too often they should write them down where others can see them,” Microsoft’s Aaron Margosis wrote in a blog post Wednesday. Worse, Margosis wrote, when people are forced to change their passwords, they often make a “small and predictable change to their existing password”, or they will just forget it. (Duh.)

The blog post introduces a wider set of “baseline” security settings that Microsoft is considering recommending to companies that use its computer management software. Think of them as a standard of a kind.

Unfortunately, Microsoft is not simply removing the password expiration feature, which would be the humane thing to do. In the end, it will still be up to your company’s technology team to listen to reason or continue to live in the security stone age.

It is worth noting that Microsoft is not changing its recommendations on how we create passwords. In fact, the company recommends that businesses increasingly forbid typical passwords and force employees to use multifactor authentication. (We at CNET are also fans of password managers.)

But make no mistake, Microsoft, whose Windows software drives nearly 80% of the world’s computers, has finally seen the light. “Periodic ransom is an old and outdated limitation of very low value,” Margosis wrote.


Published by
Faela