Reminders to change passwords after certain time span
Include a date field in password control (also being able to sort desc/ascending) , and maybe a "reminder" . ¿What kind of reminder? Now, I have hundreds of pw stored and sometimes related to same sites/servers, ftp accounts or so...I'm beginning to have "duplicates" and older/newer passwords. ¿What about reminders of my 1 year old passwords, etc...? Maybe I want to change them.
Think about this for a minute folks. Changing your password only helps when someone has already got your password. In this case, they've already stolen your info and/or changed your password for you. You could change your password every 15 seconds and it wouldn't make an account any more secure from random/dictionary attacks.
On a related note, forced password expirations are detrimental to good security. Force someone to change their password and they are just going to write the new one down where someone can find it.
M. Straus commented
For corporate deployments, they should be termed as expirations. Password ages should also be visible for the auditor role.
catherine Broadhead commented
please could you tell me my password as i have forgoton it
Subscribe - this is an important part of security administration. In-application and summary email reminders (there are likely to be more than one password expiring at the same time!) would be an excellent feature.
All my sites have password expiration dates, if Passpack team can code in date and reminder emails, it would be awesome.
Alex Leonard commented
Yep, I like this idea. Short email notification that password title XXX needs changing. Configurable through settings screen with custom amount of days. Of course, with something like 600 passwords and counting, unless I set a schedule of more than two years I'll be changing at least a password a day...
Perhaps it could be done on a per password basis. Hmm. Not really sure what the best option is..
I have a lot of passwords for servers (i.e. root logins), which should be periodically changed for security reasons. If there was a way to set a password to expire after a specific time (i.e. a reminder to be sent after 2 months), it would help me to keep these passwords rotating, increasing security drastically.
This feature would be really useful for me, or anyone with a large number of passwords, as I keep intending to rotate passwords but the effort required in remembering to do it for each system usually keeps me from actually doing it. However, if I was to get an email for each password, I'd be most likely to actually do it :)
Would this http://bit.ly/cQmRMW be similar?