MV
michael veale
@michae.lv
assoc. prof, UCL Laws, technology, policy, society, whimsical latvian top level domain names. michae.lv and here mostly stuff crossposted from the fediverse someone.elses.computer/@mikarv
829 followers487 following108 posts
NIST like the UK NCSC now advises against expiring passwords, following literal decades of UCL research concluding this. Everyone is now asking — when will UCL IT follow? https://www.thetimes.com/article/311a6e7a-a0a9-431d-b573-386249b2bc2c?shareToken=9ad1196c3b9c58b48172cec9cdef99a9
All considered, corporate America has still not backed away from this.. and I think that is because most USA companies use Microsoft AD. There is no way that MS is going to send down an edict that 'it was wrong' AND regrettably most admins see Microsoft (not NIST, etc) as authoritative.
MV
michael veale
@michae.lv
assoc. prof, UCL Laws, technology, policy, society, whimsical latvian top level domain names. michae.lv and here mostly stuff crossposted from the fediverse someone.elses.computer/@mikarv
829 followers487 following108 posts