Why Password Policies Aren’t Enough
We’ve all been there. We’ve had to set a password in a system and we’ve been told it’s not strong enough. Or we finally set a strong password only to be told 30 days later that we need to change our password. Password policies are not enough to encourage good security behaviour.