Dear edozio, hhamedk
Thank you for your request! We have received multiple requests in order to improve security of the Wialon Hosting.
At the moment there are some concerns I have regarding forcing users to change their passwords after a period of time:
1. After password expiration, people tend to set simpler passwords to the apps so that they do not forget it.
2. After password expiration, people tend not to change the full password but only last digit(-s) of the password so that they do not forget it.
3. People tend to re-use passwords and we would need to store them so that they are not repeated...
All that factors affect the security and that passwords are easily guessed by hackers. To sum up - changing passwords every 90(60/30) days gives you the illusion of stronger security.
Even Microsoft changed their guidance on password expiration policies. On May 23, 2019, they released a blog post explaining their decisions. https://docs.microsoft.com/en-us/archiv … rver-v1903
What will we do to improve security?
At the moment I think that users and access management, sessions management, multi-factor authentication, creating more complex passwords should be the main targets in our security strategy.
I have added your request to the ticket of the security improvement in our issues management system, we will contact you once there are any updates in the security sphere.
Please let me know if there are any other questions.
Unfortunately, you are not allowed to view this text
Wialon Business Analyst
"The important thing is not to stop questioning" (c)