koldfront

Password best practices in the 21st century #security

NIST tells it like it is:

"Verifiers SHOULD NOT impose other composition rules (mixtures of different character types, for example) on memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically) unless there is evidence of compromise of the authenticator or a subscriber requests a change." - DRAFT NIST Special Publication 800-63B, Digital Authentication Guideline, Authentication and Lifecycle Management

Add comment?

Title:

Name:

Email (won't be displayed online):

Text:

0.0192 s
webcustodian@koldfront.dk