NIST 2024 Password Guidelines: Enhancing Security with Simplicity and Usability
NIST's 2024 password guidelines focus on simplifying and strengthening password security through usability rather than complexity. Key changes include recommending longer passwords (minimum 15 characters) over complex ones, eliminating forced password rotations unless a breach occurs, and allowing ASCII and Unicode characters, including emojis. Additionally, password hints and out-of-wallet security questions are discouraged due to their vulnerability to social engineering. Organizations are urged to implement password blocklists to prevent weak or compromised passwords and to adopt multi-factor authentication (MFA), especially phishing-resistant methods, for enhanced security.
https://www.cybersecuritydive.com/news/password-guidance-NIST-IAM/734291/
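
As an added illustration (not code from NIST or from the linked article), here is how a password acceptance check following the points summarized above could look: length counted in Unicode code points, a blocklist lookup, and no composition rules. The blocklist entries are constructed samples, and the NFKC normalization step and the names `check_password` and `SAMPLE_BLOCKLIST` are assumptions of this example, not something the summary states.

```python
import unicodedata

MIN_LENGTH = 15  # minimum length as stated in the summary above

# Constructed sample blocklist; a real deployment would load a large corpus
# of common and breached passwords instead of three entries.
SAMPLE_BLOCKLIST = {
    "password1234567",
    "qwertyuiopasdfg",
    "correcthorsebatterystaple",
}


def normalize(password: str) -> str:
    """NFKC-normalize so equivalent Unicode forms compare equal (assumption)."""
    return unicodedata.normalize("NFKC", password)


def check_password(password: str, blocklist=SAMPLE_BLOCKLIST) -> list[str]:
    """Return the reasons a password is rejected; an empty list means accepted."""
    reasons = []
    candidate = normalize(password)

    # Length is counted in Unicode code points, so a single-code-point emoji
    # counts as one character rather than as its four UTF-8 bytes.
    if len(candidate) < MIN_LENGTH:
        reasons.append(f"shorter than {MIN_LENGTH} characters")

    # Case-insensitive blocklist match; casefold() also covers non-ASCII text.
    blocked = {normalize(entry).casefold() for entry in blocklist}
    if candidate.casefold() in blocked:
        reasons.append("on the blocklist")

    # Deliberately no composition rules: no digit, symbol or uppercase
    # requirement, and spaces and emoji are accepted like any other character.
    return reasons
```
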