DEV Community

loading...

Discussion on: Implementing Passwordless Authentication in Node.JS

Collapse
wonsil profile image
Mark Wonsil

It is no longer a best practice to force a password change after a period of time. This according to NIST, Microsoft, and the man who suggested the idea in the first place.

Collapse
Sloan, the sloth mascot
Comment deleted
Collapse
wonsil profile image
Mark Wonsil

See Best practices for existing authentication systems, the paragraph before the conclusion.

Forem Open with the Forem app