Join Date: May 2014
Location: N. Central Florida
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 46 Post(s)
I'm sorry but I do NOT agree with this policy.......being enforced for "normal" users.
If an ordinary user's password is compromised, it affects ONLY HIM, right ?? Then it is HIS problem and will not compromise system integrity, right ??
Now.....for Admin accounts that could do some real damage.....manbe a different story.
And.....if the forum software stores passwords in un-encrypted form, then a real system breach might get the passwords too......and how complex they are or how often they have been changed will MAKE NO DIFFERENCE at all.
And lasty, forcing users to change their passwords often usually means that they will have to write them down to remember and that in itself is a REAL security risk, as opposed to the imaginary ones causing you to be paranoid and to contemplate changes that might not be necessary or effective.
'17 Prius C-4