Changes to the National Institute of Standards and Technology (NIST) password guidelines were welcomed as long overdue. Security professionals criticized the old guidelines, which recommended a mix of numbers, letters and special characters that are changed periodically.
When I read the new document, I was surprised that it doesn’t account for very common attacks. In short, NIST guidance leaves people who rely solely upon passwords for authentication, which seems to be a majority of accounts, more vulnerable.
Copyright 2017 NETWORKFIGHTS.COM