» 뉴스 » Microsoft는 암호 노화의 정책이 효과가 인정

Microsoft는 암호 노화의 정책이 효과가 인정

Microsoft decided to step away from policy of password aging that forced users to change saved passwords from time to time.

echnical giant presented new project plan of basic configuration settings for Windows 10 v1903 (19H10) and Windows Server v1903, that would eliminate the need to change password every weeks or months in accounts that are under group policy.

Innovation will be implemented in Windows 10 Update that would be released in May 2019.

As Microsoft explains in its blog, existing policy “ancient and outdated, with little value” and company does not “consider it reasonable". Algorithm of passwords aging that demands periodic password changes is not a reliable method of account protection, especially remembering that if password was stolen it is necessary take measures immediately instead of waiting until it expires, note in a company.

After cancellation of password aging policy Microsoft recommends organizations to replace preset password expiration settings with newer and modern safety practices, for instance, with multifactorial authentication, methods of brutforce-attacks detection or with realization of prohibited passwords list.

하나, company does not change recommendations on minimal length and complicity of a password.

“To try to avoid inevitable misunderstandings, we are talking here only about removing password-expiration policies – we are not proposing changing requirements for minimum password length, history, or complexity.”, — emphasizes Microsoft experts.

Document also contains recommended policies concerning groups of users in corporate network, including rules that limit work of certain functions for abuse prevention, and blocking of certain functions that malware can exploit in attacks on system or network.

독서  Microsoft는 아스타로트 fileless 트로이 목마 공격 경고

출처: https://blogs.technet.microsoft.com

[합계: 0    평균: 0/5]

트로이 킬러 소개

메모리 스틱에 트로이 킬러 휴대용 운반. 당신은 당신이 어디를 가든 당신의 PC가 어떤 사이버 위협에 저항 도울 수 있는지 확인하십시오.

또한 확인

존알람은 vBulletin에 취약점과 해킹

ZoneAlarm을 포럼으로 인해 vBulletin에 취약점을 해킹

존알람에서 포럼, 체크 포인트의 소유이며, 그 제품이 사용되는 …

웹엑스 초대에 RAT 트로이 목마

범죄자들은 ​​웹엑스 초대에 RAT 트로이 목마에 대한 링크를 제공

정보 보안 전문가 알렉스 Lanstein는 RAT의 분포에 대한 원래의 벡터를 발견 …

회신을 남겨주