@JoeBuhlig But people are more likely to use weak passwords if they have to change them, and they simply cycle weak passwords.

@curtismchale So we’re stuck with one weak password or multiple weak passwords. I think my brain doesn’t follow how this is better.

expiring does nothing to increase security except frustrate users with password change requests. Better to invest in training them on a password manager and what a good password is