I agree with you in principal, but is also important to remember that policy != ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		cdubzzz on Nov 23, 2016 \| parent \| context \| favorite \| on: NIST’s new password rules – what you need to know I agree with you in principal, but is also important to remember that policy != practice. For a policy against shared accounts, for example, there is no reasonable way to guarantee that Employee A has not given his password to Fired Employee B.

monkeywork on Nov 24, 2016 [–]

if you are compromised in that manner "Employee A has not given his password to Fired Employee B." then no password policy is going to save you.

Also remember passwords are only ONE part of your security armour, they aren't the entire suit.

platz on Nov 24, 2016 | [–]

http://i.imgur.com/kU3jB9B.jpg

http://i.imgur.com/OeIRC5U.jpg

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact