Project Talk:Infrastructure/Password policy

I think we need to decide on a couple of things:


 * Advice on generating the master password. I'm generally good with the xkcd advice; but I've also had success using longer computer generated passwords. My ability to remember a password is primarily related to use-rate.
 * Advice on rotating passwords. I'd explicitly avoid rotating the master password outside of a breach.

— The preceding unsigned comment was added by ‎Antarus (talk • contribs)


 * We should avoid rotating passwords https://www.wired.com/2016/03/want-safer-passwords-dont-change-often/ --Jonas Stein (talk) 23:51, 13 October 2018 (UTC)