If so then I'll be doubly frustrated - I've been assured by our domain experts t... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Jedd 19 days ago | parent | context | favorite | on: Security Is a Useless Controls Problem

If so then I'll be doubly frustrated - I've been assured by our domain experts that this is a requirement of the model.

Did it used to be and was since retracted? I suppose it may be a local or state-based 'implementation augmentation'.

I've trawled just now through the signals directorate site and can find plenty of references to passwords, but nothing specifically covering this.

NoPicklez 17 days ago [–]

It may have been as password rotation was a requirement thrown around, but to my knowledge it's not come up in assessments for a long time.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact