I have been preaching it for a very long time! Finally, the BSI confirms it: Changing passwords regularely is nonsense! That's why: Because a very tiny and neglectible detail was not taken into consideration: The human factor, the weakest part in the chain ...
Actually quite logical: The ever-increasing number of accounts and the ever-increasing security requirements for password length and complexity mean that they are written down or recycled according to regular patterns.
The BSI and also other (European) authorities have so far not been officially drawn into making a statement because it would involve a rat tail: What if damage is caused by a false recommendation? Is professional liability insurance liable if a company does not follow the official recommendations of a government authority?
Finally - rarely enough - common sense has prevailed, at least for a short time ;-)
The whole message is available at heise security news (article in german).
If you have any questions or concerns, please feel free to contact us at any time.
We're here to help!
A summary of the latest information
Pressure on SAP certificate management is mounting. How should you respond? One thing is clear: SAP certificates now need to be renewed or replaced …
Read more
As part of the ongoing development process of the automation platform EPOS by Empirius, version 25.7 is now available for use. The main focus: the …
Read more
The key enhancements of the EPOS 25.6 subreleases – clearly summarized for SAP Basis teams.
Read more