• 1 Post
  • 2 Comments
Joined 1 year ago
Cake day: June 9th, 2023
  • LittlePrimate@feddit.deOPtoCybersecurity@sh.itjust.worksHumble "Cybersecurity Zero to Hero" BundleEnglish
    7·
    1 year ago

    All 22 are:

    • The Beginners 2023 Cyber Security Awareness Training Course
    • Writing Secure Code in ASP.NET
    • The Complete Guide to Android Bug Bounty Penetration Tests
    • Intermediate Ethical Hacking Hands-on Training
    • Offensive Hacking Unfolded - Become a Pro Pentester
    • Burp Suite Unfiltered - Go from a Beginner to Advanced
    • Web Hacking Expert - Full-Stack Exploitation Mastery
    • Fundamentals of Secure Software
    • Practical Cyber Hacking Skills for Beginners
    • Risk Management for Cyber Security Managers
    • The Complete Ethical Hacking Course
    • Software Security Testing
    • Pentesting Fundamentals for Beginners
    • Ethical Hacking - Capture the Flag Walkthroughs - v1
    • Ethical Hacking - Capture the Flag Walkthroughs - v2
    • Web Hacker’s Toolbox - Tools Used by Successful Hackers
    • Becoming a Cyber Security Professional - A Beginner’s Career Guide
    • The Absolute Beginners 2023 Guide to Cybersecurity - Part 3
    • Cyber Security for Absolute Beginners - 2022 Edition - Part 01
    • Cyber Security for Absolute Beginners - 2022 Edition - Part 02
    • Learn Man in the Middle Attacks from Scratch.
    • Learn Ethical Hacking From A-Z: Beginner To Expert Course
  • LittlePrimate@feddit.detoSecurity News@infosec.pubThoughts on scheduled password changes (don’t call them rotations!)English
    0·
    1 year ago

    I’d say for a secure password in a manager, it’s not really harmful.
    Someone who uses a manager and secure passwords will usually be aware of the “generate me a new unique, secure password” feature, so they will generate a new one and simply paste that into the page. They might be inclined to just add the bad practice “-01” although it honestly doesn’t make a unique, secure password worse unless the unencrypted password was somehow leaked. The delay in emergency situations mentioned in the post might still happen, although the harm there will depend on the exact situation and likely usually fall into the “annoying delay” category.

    I absolutely agree that forced password changes need to die simply because a majority of users still tries to remember passwords and is therefore prone to bad practices, but for someone with a password manager and unique passwords it’s more unnecessary and annoying than actively harmful.