According to the German Federal Office for Information Security, passwords should only be changed for a specific reason. So which security policies are (still) advisable with regard to passwords, and which ones do actually increase the risk potential of cyberattacks?
- Risk vs. requirements assessment
- Complexities with password management
- Company-wide policy implementation
- Taking protection measures