Original Post: Resetting Broken Password Advice
The blog post discusses the outdated advice on periodically changing passwords, inspired by recent infographics seen on LinkedIn. The author argues that this practice, once relevant during the early days of the Internet when devices were often shared, is now ineffective. They highlight key issues like weak password increments (e.g., “P@ssword123” to “Password1234”) and the impracticality given the vast number of accounts people manage today. Instead, the post advocates for only changing passwords when there’s suspicion of compromise, using password managers, and employing multi-factor authentication (MFA). The blog also touches on other outdated advice, such as overly complex password requirements, and concludes by recommending the use of a specific infographic from the National Cyber Security Centre (NCSC) for modern password practices.
Go here to read the Original Post