• thingsiplay@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    10 个月前

    Yes, as I said, that is with the assumption if people do not use password manager and get lazy. Then I can see this argument being true. But with such long and complicated random passwords on many different services (like I do), it’s expected to use password managers and only remember a single password. Therefore this is the preferred method over bad passwords, which are not changed frequently, as the NIST recommends. I do not agree with that.