IT is making us change our pwds after several years of not needing to, and I've got a lot of production jobs that run as me & I'm really nervous
@voltronic ooh, harsh.
I couldn't believe it when the org that acquired us actually had less-onerous password requirements. Seems like every other infosec policy was way *more* onerous.
What chaps me on this one is that they changed the minimum-length req on our passwords, and required me to change mine, even though my old pwd meets those new requirements.
@rpardee
Our IT dept still enforces 90-day password changes.
I linked the manager a bunch of material from various orga detailing why this is no longer considered good practice.
It was not well received.