In may, Microsoft removed from Windows 10 technology, which force the user to think of new passwords after a certain time. Finally it ended! In Redmond have changed the formal requirements for security in response to evidence that this approach does not improve but rather weakens the protection.
In Windows 10 (1903) and the server version of the “dozens” now you can put one password and not to count the days until its replacement. As noted in the material of the publication TechCrunch, regular change of passwords is counterproductive. This is confirmed in the software giant.
The point is that if the password is stolen, then this scheme makes it impossible to change it immediately — need to wait for the end of the term. If it is not stolen — there is no need to be replaced. Alternatively, it is proposed a multi-factor authentication, tracking attacks on internal resources, and biometrics. Regular change of password is simply outdated and irrelevant method of protection. It is also recommended to use password managers like LastPass or 1Password, the transfer code via SMS.
In Microsoft say that the ideal protection does not exist (if no PC is turned off, unplugged and in the safe), but an adequate level of protection to ensure easy. You only need to follow simple rules.
Note that the company from Redmond for a long time, “clung” for regularly changing passwords, especially because of the ironic look, her appeals to stop the use of this technology. Though it really is outdated.