Most Popular Posts

The problems with forcing regular password expiry

Why CESG - now part of the NCSC - decided to advise against this long-established security guideline. Regular password expiry is a common requirement in many security policies. However, in the Password Guidance published in 2015, we explicitly advised against it. This...

Here’s to the crazy ones

“Here’s to the crazy ones, the misfits, the rebels, the troublemakers, the round pegs in the square holes… The ones who see things differently — they’re not fond of rules… You can quote them, disagree with them, glorify or vilify them, but the only thing you can’t do...