【Bahamas】-Exploration Information Network
Latest News:
E3 2017 Trailer Roundup: Upcoming PC Games 6 spooky, sepia Mexican president says he told Trump that Mexico won't pay for the wall Reliance Jio's service now commercially available in India Dallas Mavericks vs. Boston Celtics 2025 livestream: Watch NBA online Justin Bieber's criminally fluffy puppy, Todd, has a new Instagram account This new Mercedes might look like a frog, but it drives like a sports car Potter fans battle it out over J.K. Rowling Albus Potter tweet Getting Started with Gmail Keyboard Shortcuts Photos: Tons of tomatoes fly through the air at the world's biggest food fight
Current Location: Home > Games > 【Bahamas】

【Bahamas】

2025-06-27 00:24:46 [Social Good] Source: Exploration Information Network

Thinking of a secure password is Bahamashard, so demanding a user change it every 60 days fills many with dread and leads to weaker security. Microsoft has realized this and decided to remove default password expiry as a security baseline feature in Windows 10.

When organizations deploy Windows 10 to tens, hundreds, or even thousands of employees, default security out the box is very important. That's why Microsoft provides Windows security baselines, which consist of a group of Microsoft-recommended configuration settings that can be relied upon to provide a more secure operating system.

As part of the baseline, Microsoft in the past stipulated a 60-day password expiration policy, which meant every user was forced to change their password every couple of months (unless an organization changed the configuration). As Ars Technica reports, with the release of Windows 10 v1903, password expiration is being dropped from the baseline because it's actually detrimental to security.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Microsoft explains in its latest draft security baseline for Windows that, "When humans are forced to change their passwords, too often they'll make a small and predictable alteration to their existing passwords, and/or forget their new passwords ... Periodic password expiration is a defense only against the probability that a password (or hash) will be stolen during its validity interval and will be used by an unauthorized entity. If a password is never stolen, there's no need to expire it."

Microsoft also points out that if a password is stolen, the thief has up to 60 days to use it based on this expiration policy, which is ample time to gain entry to a system and cause chaos. So on every level, password expiration simply doesn't work, which is why it's disappearing.

Passwords still need to meet a minimum length requirement, be complex enough so as not to be easily guessed, not have been used before, and stored securely. It may still be the case that individual organizations enforce their own expiration policy, but it seems likely the demand for a new password every few months will impact far fewer workers going forward, and that's a good thing for both their sanity and security.

Featured Video For You
How to plan for your digital death — Clarification Please

Topics Microsoft

(Editor: {typename type="name"/})

Related Articles
Recommended
Hot Reads
Random

友情链接

接受PR>=1、BR>=1,流量相当,内容相关类链接。