• abraxas@lemmy.ml
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I’ve had arguments with clients’ IT security about this in the past where they demanded forced password resets. Citing NIST controls that insist you should avoid them was apparently insufficient.