Changes in Password Best Practices - Schneier on Security


38 bookmarks. First posted by farley13 9 days ago.


NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes important suggestions when it comes to passwords...
2 days ago by SecurityFeed
Changes in Password Best Practices - Schneier on Security
from twitter
2 days ago by superdavey
Please, this: “Changes in Password Best Practices”
from twitter_favs
2 days ago by tahewett
Changes in Password Best Practices by Bruce Schneier via Schneier on Security http://ift.tt/2yW2aXx
IFTTT  NewsBlur 
5 days ago by bjtitus
Password expiration and special character requirements should go away in favor of long pass phrases. Any guess on how many years it will take security certification and audit functions to catch up to this wisdom? My guess is 5 years.
7 days ago by thingles
NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems. via Pocket
IFTTT  Pocket  schneier  on  security 
7 days ago by fdlbt
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems.
getpocket 
8 days ago by linkt
New guidance on password security. Yes!
password  Security  advice 
8 days ago by traggett
I just starred Changes in Password Best Practices on Inoreader http://bit.ly/2i34oB4
8 days ago by SEverson
Much needed changes in password best practices, official, from NIST. Get your company to adopt them please.
from twitter_favs
8 days ago by sclopit
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords:
Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.
Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.
Let people use password managers. This is how we deal with all the passwords we need.
These password rules were failed attempts to fix the user. Better we fix the security systems.
security  passwords  privacy  1password  gov2.0 
8 days ago by rgl7194
Changes in Password Best Practices NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines . Among other things, they make three…
from instapaper
8 days ago by wakemp
Summary of Changes in Password Best Practices from NIST.
from twitter
9 days ago by peba
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords:

Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.

Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.

Let people use password managers. This is how we deal with all the passwords we need.

These password rules were failed attempts to fix the user. Better we fix the security systems.
password  security  bestpractices 
9 days ago by kejadlen
Changes in Password Best Practices https://t.co/6psRAp6soJ

— Abraham Williams (@abraham) October 10, 2017
IFTTT  Twitter 
9 days ago by abraham
NIST says stop

1. the weird password complexity rules
2. expiring passwords
3. blocking password managers

🙌🏻🙌🏻🙌🏻
from twitter
9 days ago by zigg
RT : Changes in Password Best Practices
from twitter
9 days ago by danielpcox
Bruce Schneier on new password guidelines.
from twitter_favs
9 days ago by bdeskin
via Schneier on Security http://ift.tt/z8dJk0
IFTTT  Feedly 
9 days ago by eske
Changes in Password Best Practices // if only Indian banks would adapt this, particularly pt. 3
from twitter
9 days ago by sbmandal
via Schneier on Security http://ift.tt/z8dJk0
IFTTT  Feedly 
9 days ago by wacko42
via Schneier on Security http://ift.tt/z8dJk0
9 days ago by farley13