Periodic reminder that NIST does not approve of expiring passwords.
https://pages.nist.gov/800-63-3/sp800-63b.html#memsecretver
> Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.
dreid /
npub18h…jkacq
2024-06-26 18:38:51
Author Public Key
npub18h6v8vw39z07jv75ffwn9wljmkgcdtt5p8qd3hwgtgwtlxy7h3dqcjkacqPublished at
2024-06-26 18:38:51Event JSON
{
"id": "7945924300c77400f7708f39ac575971658883ef88348f2699a759b980c365f2",
"pubkey": "3df4c3b1d1289fe933d44a5d32bbf2dd9186ad7409c0d8ddc85a1cbf989ebc5a",
"created_at": 1719427131,
"kind": 1,
"tags": [
[
"proxy",
"https://wandering.shop/@dreid/112684376387970200",
"web"
],
[
"proxy",
"https://wandering.shop/users/dreid/statuses/112684376387970200",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://wandering.shop/users/dreid/statuses/112684376387970200",
"pink.momostr"
],
[
"expiration",
"1722020101"
]
],
"content": "Periodic reminder that NIST does not approve of expiring passwords. \n\nhttps://pages.nist.gov/800-63-3/sp800-63b.html#memsecretver\n\n\u003e Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.",
"sig": "ddee054f6328fbf31bd6c81f3badcf757a2fec32d8cde84fff027f72a6d712de449f4a29defe0147722f00ef0225c263c6eb1e106e2bcc8c93008f1968e9e37f"
}