BigRedConsulting
Community Champion
Community Champion
‎November 10, 2021 12:19 PM

Account management

@Adrian_A 

RE: The Password Security in QuickBooks Desktop can't be stopped. It is designed this way to protect your critical data such as your Social Security Number, Company EIN, Bank Information (Routing Number, Account Number), or Vendor Tax ID. Changing it every 90 days helps your file to be more protected.

 

That's traditional thinking, and it intuitively makes sense, but it turns out to be wrong. Not only does it not help, it makes things worse. Some say much worse.

 

See:

https://www.sans.org/blog/time-for-password-expiration-to-die/

 

https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes

 

https://www.ncsc.gov.uk/collection/passwords/updating-your-approach

 

https://www.extremetech.com/computing/292534-microsoft-says-forced-password-resets-dont-improve-secu...

 

https://arstechnica.com/information-technology/2016/08/frequent-password-changes-are-the-enemy-of-se...

 

https://www.zdnet.com/article/forcing-users-to-change-their-passwords-may-do-more-harm-than-good/

 

https://thehackernews.com/2021/05/is-it-still-good-idea-to-require-users.html

 

https://www.washingtonpost.com/news/the-switch/wp/2016/03/02/the-case-against-the-most-annoying-secu...

 

https://www.wired.com/2016/03/want-safer-passwords-dont-change-often/

Reply Join the conversation