Common password management practices include which of the following?

NIST no longer recommends requiring password changes on a regular basis, and instead suggests that passwords only be changed when necessary. This helps to prevent password reuse and avoids influencing users to slightly modify passwords. Disabling MFA, reusing passwords, and using passwords hints are all practices that should be avoided.