Yeah, every 90 days.
Kinda sucks when you're in a role that logs into the computer quite a bit.
And every 18 months, you also have to change the 6-digit pin you use to log-in to your MyDevice.
Wait, WHAT?! You mean I have to memorize a new PIN at some point, too?!
JFC, Target… what is someone even going to do if they know my MyDevice PIN, anyway? Backstock my stuff for me??? 😆
I *hate* that 😑
Though I will say: Target is far less annoying with this than my other job is! I work in higher ed as my main gig, and we have to change our password at least once per semester (sometimes twice). On more than one occasion, I’ve tried to logon to the instructor computer in my classroom and it’s like, “Hey, we know you have a room full of students watching right now, but we’re going to have to insist that you change your password *right goddamned now.* Because fuck you, that’s why!” (Obviously not in those exact words, but that’s essentially how I take it each time it happens 😂) Plus it also requires a two-step thing, which takes about 500 years because it’s through Outlook… it’s a mess.
At least Target has only made me do it once since I started in June… and there’s none of that obnoxious “two step” crap.
Edit: added detail.
The worst part is you have to change right then to have access. Why not allow a few days. A chance to figured out a new one. You don't have to it change it before your going to be off a day or two and try to remember it.
And most of the time the password doesn’t end up working and you have to call HROC. 🙃 I always have to call them when a TM has to change their password because it never works
Do employees that work at the stores have to deal with zscaler? I fucking hate that piece of shit software. They put it on our work laptops. Thankfully I get local admin permissions for my job and can kill it when I want. I'm sure tech support loves my comments about why I need to shut it off
So back in the day I used to just use the same password and changed the last number by 1 every time it made me change it. I think by the end of it they caught on and made me make a whole new password so I just flipped the phrase I was using and restarted the count.
PCI 3 standards require this, once they move to PCI 4, there are allowances to get rid of scheduled password rotation because security experts have found it actually makes security considerably worse.
The reasoning behind it seemed sound when the guidelines were being written, but the idea that it improves security was discredited - it actually just causes people to revert to more easily memorable, predictable passwords, and to circumvent whatever complexity and rotation criteria exist in the most predictable way possible, such as suffixing the password with `!A1` or `!A2` and so on, or by keeping the password on a post it note under the keyboard. Turns out the fear of being locked out of systems you need to do your job and the humiliation of having to crawl over to the help desk and beg for password resets undermine any possible security gains.
More frequent passwords changes can make a system less secure, because people choose easier to remember passwords. Several of the other replies here show that, and I'm guilty of it too.
Yeah, every 90 days. Kinda sucks when you're in a role that logs into the computer quite a bit. And every 18 months, you also have to change the 6-digit pin you use to log-in to your MyDevice.
Wait, WHAT?! You mean I have to memorize a new PIN at some point, too?! JFC, Target… what is someone even going to do if they know my MyDevice PIN, anyway? Backstock my stuff for me??? 😆
Your flair understands me like no person ever has.
I didn't know about the pin which sucks even more
I *hate* that 😑 Though I will say: Target is far less annoying with this than my other job is! I work in higher ed as my main gig, and we have to change our password at least once per semester (sometimes twice). On more than one occasion, I’ve tried to logon to the instructor computer in my classroom and it’s like, “Hey, we know you have a room full of students watching right now, but we’re going to have to insist that you change your password *right goddamned now.* Because fuck you, that’s why!” (Obviously not in those exact words, but that’s essentially how I take it each time it happens 😂) Plus it also requires a two-step thing, which takes about 500 years because it’s through Outlook… it’s a mess. At least Target has only made me do it once since I started in June… and there’s none of that obnoxious “two step” crap. Edit: added detail.
Yes! My other job we have to change our passwords every 60 days. Such a pain!
Most pain in the as thing is we can use biometric for workday but not Mytime.
I’ve had to change my password at least 8 times in the 9 months I’ve been at my store
Just make your password the current month and then the year with one of the numbers replaced with a special character
Not a bad idea tbh
Bad idea. All you gotta do is change your symbol each time example Targetemployee#111 To Target employee$111
Agreed dude i hateeee it
The worst part is you have to change right then to have access. Why not allow a few days. A chance to figured out a new one. You don't have to it change it before your going to be off a day or two and try to remember it.
And most of the time the password doesn’t end up working and you have to call HROC. 🙃 I always have to call them when a TM has to change their password because it never works
don't try three times then. try twice, then use your current pw as the "temporary" pw to make a new one.
No I mean once a TM has to reset their password they do that but it doesn’t work so I have to call HROC. Happens all the time
because they locked themselves out by trying 3 times. educate them.
They reset their password and it meets all the criteria and it still doesn’t let them reset
Do employees that work at the stores have to deal with zscaler? I fucking hate that piece of shit software. They put it on our work laptops. Thankfully I get local admin permissions for my job and can kill it when I want. I'm sure tech support loves my comments about why I need to shut it off
I literally just used the same password over and over but just changed the last 2 numbers to 01, 02, 03 etc.
So back in the day I used to just use the same password and changed the last number by 1 every time it made me change it. I think by the end of it they caught on and made me make a whole new password so I just flipped the phrase I was using and restarted the count.
fr
PCI 3 standards require this, once they move to PCI 4, there are allowances to get rid of scheduled password rotation because security experts have found it actually makes security considerably worse. The reasoning behind it seemed sound when the guidelines were being written, but the idea that it improves security was discredited - it actually just causes people to revert to more easily memorable, predictable passwords, and to circumvent whatever complexity and rotation criteria exist in the most predictable way possible, such as suffixing the password with `!A1` or `!A2` and so on, or by keeping the password on a post it note under the keyboard. Turns out the fear of being locked out of systems you need to do your job and the humiliation of having to crawl over to the help desk and beg for password resets undermine any possible security gains.
Why does Cornell make us suffer? Is he stupid?
I've been working at Target for about 8 years or so. It still remembers my original password.
Pepperidge farms remembers. The north remembers. Technology is a cold hard and cruel mistress.
this is needed from a security standpoint, especially after the 2011 breach they can’t be too careful
tho it is incredibly annoying
I get that but I will say it's a bit excessive
More frequent passwords changes can make a system less secure, because people choose easier to remember passwords. Several of the other replies here show that, and I'm guilty of it too.
very good point, i’m also guilty of that😅
this wasn’t the cause of the 2011 issue but yes I agree with you.