Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Those supposed;y secure passwords you routinely create are not secure at all

WSJ.com – “…Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” [this is the 2017 version] The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly. Long, easy-to-remember phrases now get the nod over crazy characters, and users should be forced to change passwords only if there is a sign they may have been stolen, says NIST, the federal agency that helps set industrial standards in the U.S…”

  • Via NIST- “The Special Publication (SP) 800-63 suite provides technical requirements for federal agencies implementing digital identity services. The publication includes: an overview of identity frameworks; using authenticators, credentials, and assertions in a digital system; and a risk-based process to select assurance levels. Organizations have the flexibility to choose the appropriate assurance level for their needs. SP 800-63 comprises a suite of documents that can be used independently or in concert to meet identity needs.”

Sorry, comments are closed for this post.