russellhltn wrote:But from some PMs, I've learned that "shared passwords" have indeed been a problem in some units. So, NIST not withstanding, a requirement to periodically change the passwords will likely continue in certain church apps for the foreseeable future.
This is silly. Correct the behavior through instruction. If people violate the shared passwords, release them from the calling. This is like saying that thefts in the temple are a problem, so we're replacing locks on the lockers with bigger locks. The locks aren't the problem.
There's almost zero support for clerks as it is (all of the online "training" is the shoddiest docs I've ever seen, telling me that clicking a button that says "do thing" does a thing), putting more tech gates to trip us up doesn't help.
This is reducing security to correct a behavior problem with reduced security. It's the kind of bureaucratic nonsense I'd expect from a dysfunctional corporation. Were it happening where I worked, I'd be sending out my resume. I don't have that option here.