If password expiration is applied, should door-locks expiration be applied too?

After reading some topics in there about password expiration, and also after reading this comment, a question shown up in my mind: if we apply password expiration for the safety of users, should our door locks’ key also expire?

By door lock, I mean any physical restriction access we might have, so lock(s) on the server room door, on the company’s building entries (including maybe the backdoor for fire troopers or so), vaults, etc.

For physical-key based door locks, this would mean issuing a new metal key every X months/days/whatever, get the old key back and provide the new key to users (assuming they still are allowed to open the door). Sounds pretty heavy and complex, but it might help against copied keys or so.

For electronic-based door locks, this would mean reissuing new passwords/key accesses so the RFID/whatever card would need an upgrade with the new access key. Sounds lighter to do, even tho it still require all employee with an allowed access to do the upgrade one way another. Here, I assume the electronic card holds a “session token” somehow, not a never-changing user ID that the lock would compare to a database of allowed users (in such case, the user ID itself on both card and DB would need to be rotated).

So, is such policy applied in some companies, standards, etc or is that just a dumb idea I got?

Expiration Timer Job only does half the job

I have been testing expiration policies on a library.

I put in about 2 dozen documents and then run the expiration timer job in CA.

What I notice is that only half of the documents get processed.

I then run the timer job again and the other half get processed. Is this normal behaviour? Or is there some not so obvious configuration that needs to be set so the timer job has enough juice to finish the job?

To my mind 2 dozen documents doesn’t sound like much.

“Expiration” of a Domain Entity in Microservice Architecture

I want to implement an expiration functionality for a domain entity. For example:

User queries a Gift Code that should expire somewhere around 30 mins after creation.

I see several approaches to this problem:

  1. Create a Scheduler inside a Service which will run every 30mins in a separate execution thread and expire all Gift Codes. This approach seems not the best one in case of several running instances of a Service. They all will race for the update in database.
  2. Create a Scheduler service which will ping GiftCode service every 30mins. Request will be sent to a single instance of GiftCode service selected by some loadbalancer/discovery server.
  3. Expire Gift Code during its next query/update. This approach is not quite applicable because later some actions (ex. email sending) might be added to be executed after expiration.

My question is whether there might be a better solution to this problem than 3 above.

Europe: Do 90 days of Schengen apply automatically after expiration of Student visa?

This question might have already been answered but I cannot seem one to perfectly fit my situation. I am an albanian citizen and currently staying in Austria with a D Visa which is available for 6 months. It expires on June 30th. I have a flight to take on June 23rd to Italy where I need to stay till July 6th. Which means, my visa will expire when I’m in Italy. My question is, do my 90 days of Schengen apply directly after my visa expires or should I first go to Albania and then return for them to start being counted? If I wasn’t clear enough tell me and I will answer as soon as possible Thanks in advance

Traveling to Italy from USA with Italian Passport near Expiration

Traveling to Italy from the US with an Italian passport that will have less than 3 months left before expiration upon arrival in Italy and will also have a valid US Green Card with no expiration impending. I will return to US before six weeks before Italian Passport Expires.

a) will I have issues with departure from the US and entry into Italy ?

b) will I have issues with departure from Italy and re-entry into US ?

…just trying to figure out whether it is worth trying to renew passport before I leave for Italy

Thanks Rosa

Big bug: why does iCloud Keychain remember the wrong expiration month for all of my credit cards?

I’ve been adding credit cards to my iCloud Keychain for years, and after a few months, I notice that my payments receive errors when I use the autofill from iCloud.

The bug:

I’ve realized that iCloud Keychain consistently changes the expiration month (and nothing else) to one month earlier.

What I’ve tried:

I used to think that I’m entering it incorrectly the first time around. But then I went and purged all of them to be correct, but, alas, after some time, the months are incorrect again.

I’ve also tried deleting these cards and adding them fresh. To no avail.

Questions:

(1) Should I be worried that someone has access to my account? Or is this just a (major) bug in the iCloud Keychain?

(2) How do I fix this for good? I’ve just gone and corrected all of the months again.

Assuming that everyone always performs a revocation check, do we still need expiration time in each certificate?

I understand that each public key certificate includes an expiration time, and a CRL is issued periodically, listing all currently revoked certificates. However, in class we were told to think about whether or not we still needed expiration time in each certificate assuming a revocation check is always performed. I feel like we would still need an expiration time in each certificate because then, how would we know when a certificate is revoked?

If anyone could help broaden my mindset, it would be much appreciated