suggestion - do away with the 180 day password limitation

merk

Honorable Member
#1
I'd like to request/suggest you do away with the 180 password re-use limitation. Forcing people to pick a new password is just a recipe for forcing them to always pick a new password since they (me) wont remember it and will use the password reset, at which point they'll have to pick a yet even more obscure password which they'll (me) forget, forcing a password reset ... etc etc
 


iroken22

Extraordinary Member
Premium Supporter
#2
think of it this way. 180 days is half of a year!!! I mean many of my employment places make us change our password every 30 days. It is for your own security as well as many people tend to use the same password throughout the internet making it more vulnerable every day. That is my explanation as to why we have it in place.
 


merk

Honorable Member
#3
Oh i know why they have it in place - i just dont think it's worth doing. I can understand requiring someone to have a password with at least X number of characters or having at least 1 letter and 1 number. Obviously you don't want people using 'password' as their password. But I think we're probably safe from brute-force attacks, especially when there's a 15 minute wait between 5 failed attempts. And forcing a password change and a 180 day wait is really just protection against brute force as far as i can see.
 


Krypto

Fantastic Member
Premium Supporter
#4
Just got done Talking to Mike and I think he will be removing the mandatory password change every 180 days
 


merk

Honorable Member
#5
woo hoo :) thanks! I almost forgot my password to login now :tongue:
 


RAK

Extraordinary Member
#6
Late now. But I would support merk's lonely contribution to this thread. In a security issue, it can be a good option. On a forum it should be a free choice for the members. Anyway - gone now!!
 


Last edited:

Mike

Windows Forum Admin
Staff member
Premium Supporter
#7
Re: Mandatory Password Change

This was a security feature for the protection of our members so that their accounts wouldn't be hacked due to having a weak password. Make sure you use a strong password that you will remember. To do this, check out this site:

Microsoft Secure Password Checker: https://www.microsoft.com/protect/fraud/passwords/checker.aspx?WT.mc_id=Site_Link

The mandatory password changes have been removed due to difficulties people were having with it.
 


merk

Honorable Member
#8
thanks for doing that!
 


#9
Hate it

I hate it. Glad it's gone. Hope I can go back to my old one so I dont have to *think* ...yeah... I should be getting paid to THINK
 


#10
180 days password limitation is good to me personally, but it could be worth making it optional for those who would rather not have it.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.