Using a variety of character types in your passwords and changing them on a regular basis are no longer considered best practices for password management.
This is according to new standards published by the United States National Institute of Standards and Technology, which develops and publishes guidelines to assist organisations in safeguarding their information systems.
The new guidelines were published in September 2024 as part of NIST’s second public draft of SP 800-63-4, the most recent iteration of its Digital Identity guidelines.
Change in password recommendations
Over the years, conventional wisdom recommended having complex passwords that included upper and lower case characters, numbers, and symbols. This complexity was intended to make passwords difficult to guess or crack using brute force assaults.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: