Description

It was found that password policy does not have password expiration period. By not rotating passwords, you increase the chances of user hijacking.