Changes in Password Best Practices - Schneier on Security


42 bookmarks. First posted by farley13 9 weeks ago.


NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems. via Pocket
Pocket 
7 weeks ago by driptray
NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes important suggestions when it comes to passwords...
8 weeks ago by SecurityFeed
Changes in Password Best Practices - Schneier on Security
from twitter
8 weeks ago by superdavey
Please, this: “Changes in Password Best Practices”
from twitter_favs
8 weeks ago by tahewett
Changes in Password Best Practices by Bruce Schneier via Schneier on Security http://ift.tt/2yW2aXx
IFTTT  NewsBlur 
9 weeks ago by bjtitus
Password expiration and special character requirements should go away in favor of long pass phrases. Any guess on how many years it will take security certification and audit functions to catch up to this wisdom? My guess is 5 years.
9 weeks ago by thingles
NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems. via Pocket
IFTTT  Pocket  schneier  on  security 
9 weeks ago by fdlbt
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords: These password rules were failed attempts to fix the user. Better we fix the security systems.
getpocket 
9 weeks ago by linkt
New guidance on password security. Yes!
password  Security  advice 
9 weeks ago by traggett
I just starred Changes in Password Best Practices on Inoreader http://bit.ly/2i34oB4
9 weeks ago by SEverson
Much needed changes in password best practices, official, from NIST. Get your company to adopt them please.
from twitter_favs
9 weeks ago by sclopit
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords:
Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.
Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.
Let people use password managers. This is how we deal with all the passwords we need.
These password rules were failed attempts to fix the user. Better we fix the security systems.
security  passwords  privacy  1password  gov2.0 
9 weeks ago by rgl7194
Changes in Password Best Practices NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines . Among other things, they make three…
from instapaper
9 weeks ago by wakemp
Summary of Changes in Password Best Practices from NIST.
from twitter
9 weeks ago by peba
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords:

Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.

Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.

Let people use password managers. This is how we deal with all the passwords we need.

These password rules were failed attempts to fix the user. Better we fix the security systems.
password  security  bestpractices 
9 weeks ago by kejadlen
Changes in Password Best Practices https://t.co/6psRAp6soJ

— Abraham Williams (@abraham) October 10, 2017
IFTTT  Twitter 
9 weeks ago by abraham
NIST says stop

1. the weird password complexity rules
2. expiring passwords
3. blocking password managers

🙌🏻🙌🏻🙌🏻
from twitter
9 weeks ago by zigg
RT : Changes in Password Best Practices
from twitter
9 weeks ago by danielpcox
Bruce Schneier on new password guidelines.
from twitter_favs
9 weeks ago by bdeskin
via Schneier on Security http://ift.tt/z8dJk0
IFTTT  Feedly 
9 weeks ago by eske
Changes in Password Best Practices // if only Indian banks would adapt this, particularly pt. 3
from twitter
9 weeks ago by sbmandal
via Schneier on Security http://ift.tt/z8dJk0
IFTTT  Feedly 
9 weeks ago by wacko42
via Schneier on Security http://ift.tt/z8dJk0
9 weeks ago by farley13