Security Anti-Patterns ====================== Passowrd expiration ------------------- * can lead to weaker passwords or bad password hygeine * See NIST recommendations [1] Overly restrictive file permissions ----------------------------------- * can lead to code being run with excessive privileges User account lockout -------------------- * introduces DoS vulnerability [1] https://pages.nist.gov/800-63-3/sp800-63b.html#-1021-memorized-secrets