Jack Posted December 26, 2023 Share Posted December 26, 2023 如果启用,一年不活跃用户的密码将过期。 密码过期的用户将无法登录,除非密码重置或由管理员重置密码。 如果启用,将每天运行批次处理脚本,让一年不活跃帐户的密码过期。 被废弃的帐户更容易受到攻击,特别是使用旧密码哈希值 (只有当用户登录提供密码时,才能更新旧哈希值)。 删除旧帐户的哈希值还意味着,在发生数据泄露时,它们无法被泄露。 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now