• 0 Posts
  • 6 Comments
Joined 3 months ago
cake
Cake day: August 4th, 2024

help-circle




  • pingveno@lemmy.worldtoPrivacy@lemmy.mlUse a password manager
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago

    I work at a university IT department. It’s been a struggle with our auditors to loosen up the password expiration requirements. At least with the students they let anyone with 2FA to go without password expiration, which acts as a nice little carrot-and-stick. But for staff it’s two years (2FA always required), regardless of password quality. I’d rather be able to base password expiration on password quality, personality.


  • pingveno@lemmy.worldtoPrivacy@lemmy.mlUse a password manager
    link
    fedilink
    English
    arrow-up
    2
    ·
    3 months ago

    LessPass and similar software has some problems. Things like you can’t simply change your master password, you must then recompute and change every site. It’s also not strictly stateless, since you need to know which password iteration you’re on and the user name. Full fledged password managers also typically provide other secret management features, like API keys, SSH keys, credit/debit cards, and identity cards.