Posted by paradonym
Photon

Time-based expiring passwords

Problem: A social engineer walks by a company window, sees a seemingly unused TeamViewer running there, and remembers the access data.
That same evening he tries whether the PC has been turned off or not, and he's connected to the company's network (because the password which had been shown hadn't changed even after a few connections, and he can be 90% sure that this TeamViewer runs on default settings).

Solution: Expiring passwords. Let passwords expire after 5 minutes (or similar), even the unused ones. It isn't enough to have an optional setting to change it after every session; you need to have expiring unused passwords to get rid of the above situation.
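The expiry rule proposed above, sketched as an added example that is not part of the original post and is not TeamViewer's code: a displayed password is replaced once it is older than a TTL, whether or not anyone used it, and also after each accepted session. The class name `ExpiringPassword`, the 300-second default and the 8-character alphabet are assumptions made for illustration.

```python
import hmac
import secrets
import string
import time

ALPHABET = string.ascii_lowercase + string.digits  # assumed password alphabet


class ExpiringPassword:
    """Random access password that is replaced after `ttl` seconds, used or not."""

    def __init__(self, ttl=300, length=8, clock=time.monotonic):
        self.ttl = ttl
        self.length = length
        self.clock = clock  # injectable so expiry can be exercised without waiting
        self._rotate()

    def _rotate(self):
        self._value = "".join(secrets.choice(ALPHABET) for _ in range(self.length))
        self._issued = self.clock()

    def current(self):
        """Password to display; rotates first if the shown one is too old."""
        if self.clock() - self._issued >= self.ttl:
            self._rotate()
        return self._value

    def verify(self, candidate):
        """Accept only the live password; rotate after a successful session start."""
        live = self.current()  # enforces expiry even if nobody looked at the screen
        ok = hmac.compare_digest(candidate.encode(), live.encode())
        if ok:
            self._rotate()  # per-session change on top of the time limit
        return ok


def shoulder_surf_demo(delay_seconds, ttl=300):
    """Constructed scenario: password seen at t=0, tried `delay_seconds` later."""
    now = [0.0]
    pw = ExpiringPassword(ttl=ttl, clock=lambda: now[0])
    seen = pw.current()
    now[0] += delay_seconds
    return pw.verify(seen)


if __name__ == "__main__":
    print("tried after 1 minute:", shoulder_surf_demo(60))
    print("tried after 6 hours: ", shoulder_surf_demo(6 * 3600))
```

A password used inside the TTL still works, so the window a passer-by gets shrinks to the TTL instead of lasting until the next session or restart.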