I consider myself the enemy of unexamined practices, and password policy practices haven't been updated since the late 90's. Here are some articles to read and consider:
http://www.cerias.purdue.edu/site/blog/post/password-change-myths/
http://www.sicpers.info/2010/03/why-do-we-annoy-our-users/
No comments:
Post a Comment