Passwords can become compromised, whether through attacks on the services we use or breaches of our organization (from phishing to a visitor who sees the keys on a post-it note hanging in the office). We will not always be aware of what happened and unauthorized access can go unnoticed, so renewing passwords with a certain frequency (depending on criticality it can be every year, 9 months, 3 months…) is a common practice to keep our accounts secure. To prevent passwords from being reused or repetitive and weak passwords from being set, if we require password renewal we must impose other complementary measures that are already the norm in many systems, such as using an automatic generator, not accepting past passwords or similar to past ones and even recognizing patterns such as names or dates in passwords.
Don’t hesitate to request advice from our experts.
