The Windows 10 υποστηρίζουν δύο τύπους λογαριασμών. Ο ένας είναι ο κλασσικός τοπικός λογαριασμός που είναι διαθέσιμος σε όλες τις προηγούμενες εκδόσεις των Windows, ενώ ο άλλος είναι ο σύγχρονος λογαριασμός της Microsoft που συνδέεται με τις υπηρεσίες cloud της companys.
Before Windows 10 version 1903, Microsoft used code expiration policies accesss for better security that dated back to earlier versions of Windows NT.
This changes (at last) with the new version.
In short, Microsoft states:
If a password is violated, it should be changed immediately. If the password has not leaked, there is no need to change it. Temporary password change can cause users to forget their new password or write it somewhere (to remember it) from where it can be traced.
The official publication in the blog of the company says:
Why are we abolishing our password expiration policies?
First, to avoid inevitable misunderstandings, we are only talking about removing password termination policies, and we do not propose changes to the requirements for the minimum password length or complexity.
Periodic password expiration is a solution against the possibility of a password (or hash) being stolen during its validity period and used by an unauthorized entity. If the password is never stolen, you do not have to end it. And if you have proof that a password has been stolen, you would probably change it immediately rather than waiting for the fix to fix the problem.
Periodic password expiration is an ancient and outdated mitigation of very low value, and we do not think it is useful to impose it. At the same time, we should reiterate that we recommend the additional protections.
Therefore, password expiration policies will be past the upcoming version of Windows 10 1903.