Microsoft drops baseline Windows 10 password expiration policy

Microsoft is getting rid of the 60-day password expiration policy for organizations using its baseline security configuration in Windows 10 with the May 2019 Update. In a draft release of security baseline configurations posted this week, the company explained that password expiration is no longer a useful tool for preventing breaches, and it often causes more headaches than it's worth (via Ars Technica).

By default, Microsoft's current baseline configuration forces users to change their passwords every 60 days. However, as Microsoft explains, this can have the unintended effect of pushing people to choose simplistic passwords that are easy to crack, or to forget their new passwords altogether. Further, if a password is stolen, any set expiration period can still be a liability, because the password stays valid until that period runs out; the most effective approach would be to have that password changed immediately.

From Microsoft:

Periodic password expiration is an ancient and obsolete mitigation of very low value, and we don't believe it's worthwhile for our baseline to enforce any specific value. By removing it from our baseline rather than recommending a particular value or no expiration, organizations can choose whatever best suits their perceived needs without contradicting our guidance. At the same time, we must reiterate that we strongly recommend additional protections even though they cannot be expressed in our baselines.

In addition to dropping password expiration policies from the baseline configuration, Microsoft is also changing the baseline BitLocker setting to 128-bit encryption. Previously, Microsoft defaulted to the strongest 256-bit encryption, but the company feels that 128-bit encryption is effective enough. Further, there can be a noticeable drop in performance when moving from 128-bit to 256-bit protection.

For more on Microsoft's draft security policies and proposals, you can view the company's full blog post.


Dan Thorp-Lancaster
