4 matches found
What NIST’s latest password standards mean, and why the old ones weren’t working
Say goodbye to the days of using the "@" symbol to mean "a" in your password or replacing an "S" with a "$." The U.S. National Institute of Standards and Technology NIST recently announced new guidelines for the ways website and organizations should handle password creation and management that wi...
NIST Recommends Some Common-Sense Password Rules
NIST's second draft of its "SP 800-63-4"--its digital identify guidelines--finally contains some really good rules about passwords: The following requirements apply to passwords: 1. lVerifiers and CSPs SHALL require passwords to be a minimum of eight characters in length and SHOULD require...
How far have we come? The evolution of securing identities
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Troy Hunt, founder of Have I Been Pwned,...
Simple Banking Security Tip: Verbal Passwords
There was a time when I was content to let my bank authenticate me over the phone by asking for some personal identifiers SSN/DOB that are broadly for sale in the cybercrime underground. At some point, however, I decided this wasn't acceptable for institutions that held significant chunks of our...