Updated authentication.md issue #1520

[eth-developer03]

You're A Rockstar

Thank you for submitting a Pull Request (PR) to the Cheat Sheet Series.

🚩 If your PR is related to grammar/typo mistakes, please double-check the file for other mistakes in order to fix all the issues in the current cheat sheet.

Please make sure that for your contribution:

• In case of a new Cheat Sheet, you have used the Cheat Sheet template.
• All the markdown files do not raise any validation policy violation, see the policy.
• All the markdown files follow these format rules.
• All your assets are stored in the assets folder.
• All the images used are in the PNG format.
• Any references to websites have been formatted as [TEXT](URL)
• You verified/tested the effectiveness of your contribution (e.g., the defensive code proposed is really an effective remediation? Please verify it works!).
• The CI build of your PR pass, see the build status here.

If your PR is related to an issue, please finish your PR text with the following line:

This PR fixes issue #1520.

Thank you again for your contribution 😃

[mackowski]

I like adding more depth to this point but I personally prefer existing wording.
I would like to change it to something like:

Ensure credential rotation when a password leak occurs, at the time of compromise identification or when authenticator technology changes. Avoid requiring periodic password changes; instead, encourage users to pick strong passwords and enable Multi-Factor Authentication (MFA). According to NIST guidelines, verifiers should not mandate arbitrary password changes (e.g., periodically).

Also "Multi-Factor Authentication (MFA)" must link to MFA cheatsheet

[szh]

LGTM

[kwwall]

My only question is why do we have TWO PRs (this one and PR #1576) that address the same change? Let's not do that any more.

[jmanico]

My only question is why do we have TWO PRs (this one and PR #1576) that address the same change? Let's not do that any more.

Dammit Kevin.