Skip to main content
BusinessModern WorkplaceSecurity

Best Practice – Password Expiry

Get Secure – Don’t Expire Passwords

For years IT admins have required users to change their passwords every now and then.

RESET – re-think, there’s a better way!

We’ve seen draconian examples where the IT Overlords have forced this as frequent as every 35 days but times change and thinking changes and we’re completely aligned with the Official position from Microsoft who say “research has found that when periodic password resets are enforced, passwords become weaker as users tend to pick something weaker and then use a pattern of it for rotation. If a user creates a strong password: long, complex and without any pragmatic words present, it should remain just as strong in 60 days as it is today. It is Microsoft’s official security position to not expire passwords periodically without a specific reason.”

We recommend you adopt 2FA/MFA for all user accounts and can assist with this across your cloud services.

Click here for more info on 2FA/MFA

Want to know more – reach out for a chat and see how we can help you secure your business.

Leave a Reply