Password Anti-Pattern is an Anti-pattern and are concepts that have been shown to be detrimental to Best Practices Password and user Experience

Password Expiration#

Both NIST.SP.800-63B, Microsoft and Bruce Schneier recommend that passwords SHOULD NOT be arbitrarily expired after some interval.

The Shared Password#

The user is asked to give the site login names and passwords for another site in order for the first site to access address books, connection lists or other data kept on the second site.[1]

The Password Anti-Pattern, in which a shared secret (the password) directly represents the party in question (the user). By sharing this secret password with applications, the user enables applications to access protected APIs.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-9) was last changed on 21-Dec-2016 13:08 by jim