Comments on: QotW #1: How does changing your password every 90 days increase security? http://security.blogoverflow.com/2011/07/question-of-the-week-1/ The Security Stack Exchange Blog Sat, 06 Feb 2016 05:11:22 +0000 hourly 1 https://wordpress.org/?v=4.5.6 By: Havenless http://security.blogoverflow.com/2011/07/question-of-the-week-1/#comment-495530 Fri, 24 Apr 2015 07:35:59 +0000 http://security.blogoverflow.com/?p=120#comment-495530 If you’re compromised, important people will want to know why you didn’t follow “industry standard practice”.

It’s industry standard practice because everyone follows it.

Everyone follows it because it’s industry standard practice.

]]> By: MikeInOmaha http://security.blogoverflow.com/2011/07/question-of-the-week-1/#comment-12691 Sat, 01 Dec 2012 11:37:26 +0000 http://security.blogoverflow.com/?p=120#comment-12691 While they’re all valiant tries, the list of reasons “FOR” is missing it entirely. The sole reason behind the 60/90 day rule is to reduce exposure if a p/w is compromised unknowingly. Once the p/w changes, the intruder will lose their access by way of those credentials at minimum.

]]>