Over the years, security professionals have learned surprising lessons about how password policies affect user behavior. Faced with complicated password requirements and hundreds of online accounts to keep track of, people often take dangerous shortcuts—and criminals benefit.
To help organizations mitigate the risk posed by users’ bad password habits, the National Institute of Standards and Technology (NIST) designed a set of password guidelines that balance security and usability. The updated guidance abandons the long-held philosophy that passwords must be long and complex. In contrast, the new guidelines recommend that passwords should be “easy to remember” but “hard to guess.” According to NIST, usability and security go hand-in-hand.
Read this white paper to understand what NIST’s guidance means for your organization, including:
Why NIST has abandoned popular password complexity requirements
What’s special about new authenticator guidelines
How NIST approaches biometrics (hint: they’re not enough on their own)
What organizations can do to mitigate the risk caused by users’ bad habits
Solution: NIST Password Screening
Align with the latest password security guidelines from the National Institute of Standards and Technology (NIST).
SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.