Writing in short form where a lengthier reply would work better and when confronted with such a reply some form of “not reading all that” or other thought terminating clichés.
I’ve found that as arbitrary as it is - the ability to read a lot of information works pretty well as a mark of mental maturity. Also links to Twitter or Tiktok as discussion points. No one over the age of 19 browses TikTok lol.
If you make users sign in too much, they will just make their passwords short and easy to remember, even 24hrs is too much and people bitch about it all the time, especially since we have password managers enforced, meaning every time they need to Auth they need to Auth into their system, Auth into their password manager, copy the password, auth into their phone, look at the 2FA code and type that in.
Doing this every day just to open email is understandably fucking enraging even to me as a security “”“engineer”“”/analyst/${bullshitblueteamemailreaderjob}
Press it harder and they will use simple passwords that will inevitably be passed through to something external (e.g. cockpit which even I can bruteforce) or reused somewhere at some point, and then someone just has to get lucky once and run whatever
run0 sudo su <reverse shell bs here>
to bypass all protections.