Home » Main » Microsoft refuses regular forced password change

Microsoft refuses regular forced password change

Microsoft acknowledged in his blog that the rules of the underlying security for Windows 10 and Windows Server, requiring regular password changes, in fact, useless. The fact that the system requires you to create complex passwords and difficult to remember. Because users often change or add one character that makes the selection.

Microsoft откажется от регулярной принудительной смены паролей


According to the company, research has shown that periodic and forced changing of passwords is ineffective and only works against those who already know a custom key. Therefore it is better to change your password on the timer, and, if necessary, without waiting for the expiration of its validity.

Alternatively, in Redmond talking about enforcing the use of lists of banned passwords (good-bye “qwerty” and “123456”), multi-factor authentication and biometric methods. This is what the above options are offered as an example and not a clear guide to action.

The company said that “the expiration of the password is an ancient and outdated means of” protection, therefore its use is inappropriate. Microsoft offer a more flexible strategy that is based on the specific requirements of companies, although it did not specify when the outdated mechanisms will be removed from the OS.

Overall, the company is gradually getting rid of outdated and unnecessary elements in the system, while only in new. Thus, in Redmond follow its strategy to transfer the maximum number of users on the “top ten”. However, the problems she still has. Recall that in Windows 10 May 2019 Update there is a problem reassigning drive names what the update to the latest version is locked on the PC where is connected the external drives or SD memory cards.