Drop the workbench account expiration and password reset

3 votes

It baffles me that an organisation focused on IT security forces a password reset every 60 days, a security practice outdated since many years.
Also, the email sent to warn us of the expiration raises many phishing red flags, playing on the urgency of deactivation, and including a link.

Under consideration Suggested by: Simon C. Tremblay (03 Jun, '24) • Upvoted: 08 Jan • Comments: 2

Comments: 2
Oldest • Newest • Most likes • Fewest likes

13 May, '24
Richard Forster Merged
Highlighted comment

I only use your site occasionally. So inevitably I always find that my account is deactivated or I have to change my password. This means that more than half my time using your site to get the latest version of a document is spent creating a new account, reactivating my account or trying to create a new password that your system will accept.
08 Dec, '25
Chris Boldiston System
"Stop cancelling accounts and forcing pw refresh" (suggested by <Hidden> on 2024-05-13), including upvotes (1) and comments (0), was merged into this suggestion.

Drop the workbench account expiration and password reset

Comments: 2 Oldest • Newest • Most likes • Fewest likes

Comments: 2
Oldest • Newest • Most likes • Fewest likes