Second, enough friction/difficulty that most end users won't choose to suppress this prompt as a means to subvert good security practices (E.g. First, the ability to suppress undesired prompts by the user when it is not relevant. Thus, having these accounts show up as warnings/flags is a false-positive in this scenario.īeing able to selectively disable/ignore/hide the "Reused Password" prompt would allow for two things.
my password will always be the same for these systems. Often times these systems are protected with two-factor, intranet only access, or other security measures. However, a lot of enterprise systems leverage Active Directory for authentication. I'm a user who likes to store all of his passwords in 1Password-this includes my work credentials. Specifically, disabling the "Reused Password" prompt on select logins. I'm hoping I can bring a use-case to your attention that I'm sure you'd typically advocate against.
0 kommentar(er)
