New password guidelines suggest everything we know about passwords is wrong

If you, like me, are tired of remembering complicated alphanumeric passwords, I have good news for you: NIST (National Institute of Standards and Technology) has announced new guidelines for passwords. They suggest that the way we have been making passwords is not as secure as we think. The password guidelines we use today are the suggestions Bill Burr made in 2003.

There are lots of websites and apps we use daily, and it’s hard to remember a different complicated password for each of them. It’s no wonder that so many people each year suffer document loss, account hacks, and so on. The problem is not only that we are not using secure passwords. At the same time, with higher-end processors arriving all the time, hackers are getting more computing power for cracking passwords.

Since 2003, after applying Bill Burr’s guideline, we have learned a lot about password security. Its rules make it harder for people to remember new complicated passwords. The guideline required people to change passwords every 90 days. Most of us simply change a password like “password@1” into “password@2”, which can be easily guessed.

The new guidelines stress longer passwords that don’t have to be so complicated and that only have to be changed after a security breach. They suggest using longer passwords because cryptographically it is harder to break long passwords than shorter ones. Here are the requirements:

  • A new password can’t be a known simple dictionary word, but we can use sentences made of those dictionary words.
  • Passwords cannot be repetitive or sequential characters (like “aaaaaa” or “12345”).
  • Passwords should be 8 to 64 characters.
  • All ASCII and Unicode characters should be allowed in passwords, but not required. That means the mix of alphanumeric characters we use now is not necessary.
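
As an added illustration (not code from NIST or from this article), here is a small Python checker for the four requirements above. The word list is a constructed sample, and stripping trailing digits and symbols before the dictionary lookup is an assumption that goes beyond the list, motivated by the “password@1” example.

```python
import unicodedata

# Constructed sample blocklist (assumption): a real service would load a large
# list of common and previously breached passwords here.
COMMON_WORDS = {"password", "welcome", "sunshine", "football", "dragon"}
MIN_LEN, MAX_LEN = 8, 64  # length limits from the list above
SUFFIX_CHARS = "0123456789!@#$%^&*._-"  # assumption: typical "rotation" suffixes


def is_repetitive(pw: str) -> bool:
    """One character repeated for the whole password, e.g. 'aaaaaa'."""
    return len(set(pw)) == 1


def is_sequential(pw: str) -> bool:
    """Each character is one code point above or below the previous, e.g. '12345'."""
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return steps in ({1}, {-1})


def check_password(candidate: str) -> list[str]:
    """Return the names of the rules the candidate breaks; empty means accepted."""
    # Normalise so visually identical Unicode input compares and counts the same.
    pw = unicodedata.normalize("NFKC", candidate)
    problems = []
    if not MIN_LEN <= len(pw) <= MAX_LEN:  # counted in code points, not bytes
        problems.append("length")
    if is_repetitive(pw):
        problems.append("repetitive")
    if is_sequential(pw):
        problems.append("sequential")
    # Treat 'password@1' as the word 'password': a suffix does not hide the word.
    if pw.casefold().rstrip(SUFFIX_CHARS) in COMMON_WORDS:
        problems.append("dictionary word")
    # Deliberately no rule demanding digits, capitals or symbols.
    return problems


if __name__ == "__main__":
    for sample in ["password@1", "aaaaaaaa", "12345678",
                   "my dog eats sunshine for breakfast", "пароль-для-почты"]:
        print(repr(sample), "->", check_password(sample) or "accepted")
```

The old-style “password@1” is rejected even though it mixes letters, a symbol and a digit, while a long all-lowercase sentence or a non-ASCII passphrase is accepted.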

These guidelines have been released, but that does not mean the different services that require passwords are going to start following them. It will take some time to apply the new guidelines. Some companies may follow them; some won’t.
