Bigdogburr wrote:
- Periodic pass code changes (every 90 days, etc.): Not required. Only force changes when a known compromise is detected.
In the past, I have seen quite wild actions by people who had to change their passwords every 90 days. Especially when people were prevented from using “too similar” passwords, passwords ended up on pieces of paper. Some of them were pinned directly to a computer screen. 🤓
I am glad that various security authorities have moved away from this recommendation and instead recommend more complex passwords.
As a user, you don't necessarily know whether your own password for an account has been affected by a data leak. I think it's pretty good that Chrome warns you when logging in if it appears in a data collection. You can then change passwords accordingly.