I have a dispute with my partner. He comes from a financial software background but I do not. He recommends that our web app should expire user's passwords after 6 months (and it has to be unique each time). However, our target audience will be in construction. I think it will annoy the users and not provide enough security to justify the annoyance.
Do you think passwords should expire?
No comments:
Post a Comment