Re: Password expiration - was Re: [SECURITY] Security Awareness Programs

[Roger A Safian <r-safian () NORTHWESTERN EDU>]

>  Ultimately, I'm not finding the benefit strong enough to move me from my
> core belief that it's not worth the usability trade-off and we should instead
> be focusing energy getting users to use password managers. But I admit
> that's subjective.

I'm not sure that password managers will take off.  The whole password system is little more than an annoyance to most 
users, and until that changes, we're just expending a lot of energy, mostly needlessly.   That being said, I'm pinning 
my hopes on multi-factor authentication.  Maybe one of us will get lucky.