Very few, probably. It only applies to consular processing, and only brand new petitions. And that’s ignoring the likelihood that all of this might get struck down by a court (on appeal) at some point given the administration’s propensity for breaking the law. EOs aren’t law on their own.
Could someone post an archive? It’s impossible to view this page without a giant cookie pop up asking one to pay or to consent to being tracked. Isn’t this coercion and illegal in the EU?
Every time I log into the FTB (CA tax authority) website I have to set a new password. I wish there were some affirmative guidance to stop doing this because at the moment governments still think forcing password changes makes it “safer”.
> I wish there were some affirmative guidance to stop doing this because at the moment governments still think forcing password changes makes it “safer”.
NIST SP 800-63B-4 [0] seems to be pretty clear “affirmative guidance”, though its only actually legally required in certain circumstances.
[0] https://pages.nist.gov/800-63-4/sp800-63b.html @ 3.1.1.2: “[...] Verifiers and CSPs SHALL NOT require subscribers to change passwords periodically. However, verifiers SHALL force a change if there is evidence that the authenticator has been compromised. [...]”
reply