x
Your opinion in 1 minute.
Help us improve by answering 4 quick questions.
Take Survey Now
18.191.174.168
18.191.174.168
Start Thread
Can't find what you're searching for? Start Thread
DanHakimi
‎04-02-2018 04:21 PM

Why do passwords expire?

Apparently, my password is "expiring." Why does that happen? That seems like it's more likely to lock people out of their own accounts than actually provide any security benefit, real or theoretical.

Reply
0 Likes
2,445 Views
Message 1 of 3
Report
2 REPLIES 2
VanKalkerFarms
Super Seller
‎04-03-2018 04:47 AM

what password is expiring?  I've had my Square account for over 7 years and never have had to change my Square Password. 

 

Password rotation is a way some businesses or consumers assure that their employees or themselves aren't using the same password for many things or for a long time.

Bob Van Kalker
My Van Kalker Farms Garden Center website
My Rise'n Roll Bakery Schererville Indiana Facebook Page
My Rise'n Roll Bakery Cedar Lake Facebook Page
Reply
2,435 Views
Message 2 of 3
Report
JK_Fiber_Art
Beta Member
‎08-22-2023 07:46 AM

Hi DanHakimi,

 

Not too long ago I was prompted to change my Square password - no big deal and it was for my own benefit.   If you ever had an account or your email compromised, it's clear that changing a password on a regular basis is important.  Take a look at this website, it's quite interesting and you may even find your email address out there.   @VanKalkerFarms has a good point too.  As for a discussion about password alternatives that @jackybaba mentioned, that's not a bad idea.  I did a little research and there are many options to consider.

 

Indeed there alternative password solutions.  Below are some authentication methods beyond traditional text-based passwords. Note: No authentication method is foolproof, and each has its own strengths and weaknesses. A combination of different methods might provide the best balance of security and usability.

 

* Two-Factor Authentication (2FA): This involves using a combination of two different authentication factors. Typically, it's something you know (password) and something you have (a time-sensitive code generated by an app, text message, or hardware token).

 

* Biometric Authentication: This uses unique physical or behavioral traits, such as fingerprints, facial recognition, iris scans, or voiceprints, to verify your identity.

 

* Multi-Factor Authentication (MFA): Similar to 2FA, MFA adds an extra layer of security by requiring users to provide multiple forms of identification to access an account.

 

* Password Managers: These tools generate and store complex passwords for various accounts. Users only need to remember the master password for the password manager.

 

* Hardware Tokens: Physical devices like USB keys generate one-time passwords for logging into accounts. They're often used in conjunction with a traditional password.

 

* Smart Cards: These are credit card-sized devices with embedded chips that store authentication information. Users need to insert the card into a reader and often provide a PIN for access.

 

* Push Notifications: When logging in, you receive a push notification on your smartphone. Confirming the notification grants access to the account.

 

* Behavioral Biometrics: This method assesses your behavioral patterns, such as typing speed and style, mouse movements, or device handling, to verify your identity.

 

* Pattern-based Authentication: Instead of a traditional password, you draw a specific pattern on a grid of points or dots, which serves as your authentication code.

 

* Voice Recognition: Analyzing your voice's unique characteristics can authenticate your identity.

 

* Retina Scans: Similar to iris scans, this method involves analyzing the unique patterns in the blood vessels of your retina.

 

* Palm Vein Authentication: This measures the vein pattern in your palm, which is unique to each individual.

 

* DNA Authentication: While still in its early stages and primarily used for high-security environments, some companies are exploring DNA-based authentication.

 

* Location-Based Authentication: This method considers your physical location to determine if the login attempt is legitimate. If it's from an unexpected location, additional verification might be required.

 

* Time-Based One-Time Passwords (TOTP): These are time-sensitive codes that change periodically. They are often generated by apps like Google Authenticator.

 

* Risk-Based Authentication: This system assesses the risk of a login attempt based on various factors like location, device, and user behavior. If the risk is high, additional verification steps are required.

 

* Cognitive Authentication: This emerging method uses behavioral and cognitive patterns, such as how you interact with certain challenges or puzzles, to verify your identity.

Reply
0 Likes
639 Views
Message 3 of 3
Report
Anonymous
© 2022 Square, Inc.