Changes in Password Best Practices - Schneier on Security


42 bookmarks. First posted by farley13 october 2017.


NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems. via Pocket
Pocket 
12 weeks ago by driptray
NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes important suggestions when it comes to passwords...
october 2017 by SecurityFeed
Changes in Password Best Practices - Schneier on Security
from twitter
october 2017 by superdavey
Please, this: “Changes in Password Best Practices”
from twitter_favs
october 2017 by tahewett
Changes in Password Best Practices by Bruce Schneier via Schneier on Security http://ift.tt/2yW2aXx
IFTTT  NewsBlur 
october 2017 by bjtitus
Password expiration and special character requirements should go away in favor of long pass phrases. Any guess on how many years it will take security certification and audit functions to catch up to this wisdom? My guess is 5 years.
october 2017 by thingles
NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems. via Pocket
IFTTT  Pocket  schneier  on  security 
october 2017 by fdlbt
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems.
getpocket 
october 2017 by linkt
New guidance on password security. Yes!
password  Security  advice 
october 2017 by traggett
I just starred Changes in Password Best Practices on Inoreader http://bit.ly/2i34oB4
october 2017 by SEverson
Much needed changes in password best practices, official, from NIST. Get your company to adopt them please.
from twitter_favs
october 2017 by sclopit
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords:
Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.
Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.
Let people use password managers. This is how we deal with all the passwords we need.
These password rules were failed attempts to fix the user. Better we fix the security systems.
security  passwords  privacy  1password  gov2.0 
october 2017 by rgl7194
Changes in Password Best Practices NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines . Among other things, they make three…
from instapaper
october 2017 by wakemp
Summary of Changes in Password Best Practices from NIST.
from twitter
october 2017 by peba
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords:

Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.

Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.

Let people use password managers. This is how we deal with all the passwords we need.

These password rules were failed attempts to fix the user. Better we fix the security systems.
password  security  bestpractices 
october 2017 by kejadlen
Changes in Password Best Practices https://t.co/6psRAp6soJ

— Abraham Williams (@abraham) October 10, 2017
IFTTT  Twitter 
october 2017 by abraham
NIST says stop

1. the weird password complexity rules
2. expiring passwords
3. blocking password managers

🙌🏻🙌🏻🙌🏻
from twitter
october 2017 by zigg
RT : Changes in Password Best Practices
from twitter
october 2017 by danielpcox
Bruce Schneier on new password guidelines.
from twitter_favs
october 2017 by bdeskin
via Schneier on Security http://ift.tt/z8dJk0
IFTTT  Feedly 
october 2017 by eske
Changes in Password Best Practices // if only Indian banks would adapt this, particularly pt. 3
from twitter
october 2017 by sbmandal
via Schneier on Security http://ift.tt/z8dJk0
IFTTT  Feedly 
october 2017 by wacko42
via Schneier on Security http://ift.tt/z8dJk0
october 2017 by farley13