zCat on Nostr: Six password takeaways from the updated NIST cybersecurity framework Password ...
Six password takeaways from the updated NIST cybersecurity framework
Password security is changing — and updated guidelines from the National Institute of Standards and Technology (NIST) reject outdated practices in favor of more effective protections.
Don't have time to read the 35,000-word guidelines? No problem. Here are the six takeaways from NIST’s new guidance that your organization needs to know to create password policies that work.
1. Password length > password complexity
2. Facilitate longer passwords
3. Implement MFA
4. Avoid frequent password changes
5. Prevent the use of already-breached passwords
6. Discontinue password hints and other knowledge-based recovery
See more: https://www.bleepingcomputer.com/news/security/six-password-takeaways-from-the-updated-nist-cybersecurity-framework/
#cybersecurity #password #passwordpolicy
Password security is changing — and updated guidelines from the National Institute of Standards and Technology (NIST) reject outdated practices in favor of more effective protections.
Don't have time to read the 35,000-word guidelines? No problem. Here are the six takeaways from NIST’s new guidance that your organization needs to know to create password policies that work.
1. Password length > password complexity
2. Facilitate longer passwords
3. Implement MFA
4. Avoid frequent password changes
5. Prevent the use of already-breached passwords
6. Discontinue password hints and other knowledge-based recovery
See more: https://www.bleepingcomputer.com/news/security/six-password-takeaways-from-the-updated-nist-cybersecurity-framework/
#cybersecurity #password #passwordpolicy
quoting nevent1q…rkpdHow to Plan a New (and Improved!) Password Policy for Real-World Security Challenges
Many organizations struggle with password policies that look strong on paper but fail in practice because they're too rigid to follow, too vague to enforce, or disconnected from real security needs.
Password policy must be strict enough to protect your systems, flexible enough for daily work, and precise enough to be enforced consistently. Let's explore five strategies for building a password policy that works in the real world.
1. Build compliant password practices
2. Review your existing password obligations
3. Create a policy based on real data
4. Put some muscle in your password policy
5. Create password standards that stick
See more: https://thehackernews.com/2024/12/how-to-plan-new-and-improved-password.html
#cybersecurity #password #passwordpolicy