Hobo@lemmy.worldtoAsk Lemmy@lemmy.world•Tech workers - what did your IT Security team do that made your life hell and had no practical benefit?
1·
11 months agoThe guideline is abundantly clear too with little room for interpretation:
5.1.1.1 Memorized Secret Authenticators
Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.
) You trying to throw a syntax error buddy?