In a blog post published this week, Microsoft finally admitted that its password-expiration policies are useless. The Redmond giant plans to eliminate this feature in Windows Server 1903 and Windows 10 May 2019 Update.
Windows Group Policy users often use the password expiration feature. After a specified time period, this feature prompts them to change their passwords.
Password expiration policy is ineffective
It seems that password policies will no longer be a part of Windows Server 1903 and the May 2019 Update. Microsoft thinks that password expiration is not as effective as it was initially thought to be.
The tech giant thinks that no one should wait for a predefined expiration date to change an already stolen password. Furthermore, the company described the policy to be ineffective and outdated.
Changing password, again and again, is nothing more than a headache for users. As a matter of fact, most Windows users are only adding minor changes to their existing passwords. They rarely set up completely new passwords.
In this case, it is a lot easier for hackers to get unauthorized access to their systems. Secondly, users often tend to forget their new passwords and recovering them is a headache in itself.
Switch to advanced security techniques
Microsoft is of the opinion that IT administrators and organizations should move on to some effective and advanced security techniques. Microsoft recommends companies to use password manager applications such as the Azure Active Directory password protection tool.
In order to secure your system, you can also use multi-factor authentication solutions, and unrecognised login attempts detection tools.
As far as Windows 10 users are concerned, Microsoft says that regularly updating your password does not guarantee the complete protection of your system.
You should also use some additional protection measures as well.
RELATED ARTICLES YOU NEED TO CHECK OUT:
- Microsoft confirms Outlook data breach, change your password now
- How to password protect ZIP files on Windows 10
- Top 4 software to recover lost email account passwords