Anteaus wrote:
If a hacker has already had my password for 30 days I don't think
changing it would do a lot of good.
Therefore, what is the purpose of this? I can't see how it
contributes to security in any way. In fact it may reduce security,
by forcing the use of simple passwords.
The point of changing passwords is not to stop people who already hacked
your password from using it - but to prevent the password hacker from having
the time to actually hack your password.
So your "If a hacker has already had my password for 30 days" analogy is
viable - but that means they cracked it the day this guy wants to change
it - every 30 days. ;-)
Truthfully - a little physical access and most peoples passwords can be
cracked in hours, not days. A few will take days - but seldom 30 if they
are crackable. And if they are not - usually anything over a few days has
proven that.
However - if you never change your password - I have forever to crack it
*and* to use it quietly without you possibly ever even knowing. ;-)
--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html