WTS Tech Tip - Password Guidelines 🔐

For the longest time, security experts have recommended long, and complex passwords. Of course, the more complexity you add to a password, the harder it is to crack but harder to remember.

Complexity often fosters frustration, which in turn promotes laziness and tempts people to use the same password for multiple accounts. But there is hope! The National Institute of Standards and Technology (NIST) released a special publication of updated best practices for creating passwords. Here are the highlights:

Tip #1 - Ditch the complexity

Passwords that feature a bunch of random characters and capitalization no longer get the stamp of approval. Instead, passphrases that feature simplicity now top the list of recommendations.

Tip #2 - Screen new passwords for weaknesses

Screen passwords against a list that contains commonly used or compromised passwords. Here are examples of what that list may include:

o Passwords obtained from previous breaches.

o Dictionary words.

o Repetitive or sequential characters.

o Context-specific words, such as the name of the service, the username, and derivatives thereof.

Tip #3 - End arbitrary password replacement

Say goodbye to periodic or frequent password changes, a process that does more harm than good.

Only force changes if a security incident occurs which compromises existing accounts.

Call us today!

How many of you keep that little book of passwords? The one that if lost or stolen would cause severe damage to you or your business? Call us today, we have a better way to manage your security!