Here is the text of the NIST SP 800-63B Digital Identity Guidelines.

  • lol_idk@lemmy.ml
    18 upvotes · 1 month ago

    For places that require periodic password changes I always append 2024Q3 or similar on the end of the same password. I KNOW that’s not secure, but f that place for being dumb

    • WhatAmLemmy@lemmy.world
      4 upvotes · 1 month ago

      I would always just create 1 password and append a number and its special char, cycling from 1 to 0; like 1!, 2@, 3#. Never stayed at a place long enough to go higher than 7 or 8.

      I never gave a fuck about doing this because it’s the company’s fault for applying stupid policies. Whenever I’ve been allowed a password manager, they got real security instead of malicious compliance.

    • Eril@feddit.org
      2 upvotes · edited 1 month ago

      I feel like it’s not a big impact on security if I use 2fa anyway. (Base password)(month)(year) is fine for me 😅