

1 · 2 months ago
Yep, that’s dumb. SOC2 is built upon NIST guidance, not the other way around.


If you have any voice with your Security department, you can tell them that rotating passwords is counter to NIST SP 800-63B (Section 10.2.1) guidance:
"Do not require that memorized secrets be changed arbitrarily (e.g., periodically) unless there is a user request or evidence of authenticator compromise."
Almost as ~~bad~~ glorious as Breezewood, PA.