[Swordmaker]

Not misleading but simply a puff piece for Microsoft's policy settings. For a decade or more our corporate admins could set passowrd policy in a setting in Windows security policy. In fact there are dozens of relevant settings. E.g. Enforce password history, Maximum password age, Minimum password age, Minimum password length, Password must meet complexity requirements, and Store passwords using reversible encryption.

You may have a point there, palmer.

A lot of that is what I call "busywork IT security junk" that doesn't really provide any more security except for IT jobs. . . It lets them show their non-IT superiors, who they don't really consider their "superiors," that they are "doing something" to justify what they are being paid. . . especially the busy work of requiring everyone, including the boss to change passwords every-so-often, whether they want to or not.

[tacticalogic]

A lot of that is what I call "busywork IT security junk" that doesn't really provide any more security except for IT jobs. . . It lets them show their non-IT superiors, who they don't really consider their "superiors," that they are "doing something" to justify what they are being paid. . . especially the busy work of requiring everyone, including the boss to change passwords every-so-often, whether they want to or not.

That just shows how ignorant you are of enterprise IT environments. Those password requirements are put into place to satisfy the IT security auditors that were hired by those "non-IT superiors".

[palmer]

Yep, I’ve been there and had that done to me. I own my own mac with my own careful browsing etc and don’t need any “help” from corporate IT. I’ve used one password since around 1987 with minor variations and a second one for about 10 years.