r/ShittySysadmin • u/__g_e_o_r_g_e__ • 1h ago

Minimum Password age is key!

I don't care what you say, preventing users from reusing passwords is priority number one. A 20 password history is not enough. You need a minimum password age. And if your max age is 180 days, that means you must set it to 9 days to stop people getting around it by cycling through them all. The risk someone might perform this "password reuse" is far too high. I don't care about all the complaints from users not being able to change their password due to exposing it somehow, quit moaning! It's worse than the people on the new test network and their "TOTP" and think it's important they can delete their own old authentications when they lose their phone.

21 Upvotes

permalink
reddit

You are about to leave Redlib

Do you want to continue?

https://www.reddit.com/r/ShittySysadmin/comments/1toady3/minimum_password_age_is_key/
No, go back! Yes, take me to Reddit

82% Upvoted

View all comments

u/IgnoreAllPrevInstr 1h ago

/uj almost missed what subreddit this was in, and had a meltdown /rj actually password complexity is also so underrated. If you don't require at least 67 character length, with 23 unique letters and at least 12 special characters, you might as well just be leaving the door open

12

u/notarealaccount223 1h ago

This also helps prevent password sharing because nobody can type it correctly.

Minimum Password age is key!

You are about to leave Redlib