|
there was a study done last year that basically said that changing passwords regularly doesn't do anything to improve security. when a password is compromised, the hacker isn't going to wait 2 weeks before using the password. it's going to be used within hours of the hack.
while it may be a good idea not to use anything that's on HR record, i don't think it makes two bits of difference to an outside hacker. they're not going to be checking out a employee's personal history to find passwords. they're going for system security exploits.
|