If you are like me tired of remembering complicated alphanumeric passwords then I have a good news for you. NIST announced new guidelines for passwords.
New password guidelines from the NIST(National Institute of Standards and Technology) suggest the way we have been making passwords is not as secure as we think. The password guidelines we are using today are the suggestions of Bill Burr in the year of 2003.
There are lots of websites or apps we use daily, it's hard to remember a different complicated password for each of them. It's not a wonder that's why so many people each year suffer from document loss, account hack etc. It's not only about us that we are not using secure passwords. But at the same time due to high-end processors coming each day, hackers are getting more computing power for cracking passwords.
Since 2003 after applying Bill Burr guideline we learned a lot about password security. All that makes harder for people to remember new complicated passwords. This guideline required people to change passwords in every 90 days. Most of us generally change passwords like "password@1" into "password@2" - which can be easily guessed.
The new guidelines stress longer passwords that don't have to be so complicated and only have to change after a security breach. New guidelines suggest using longer passwords because cryptographically its harder to break long passwords than the shorter ones. Here are the requirements,
- New password can't be known simple dictionary words but we can use sentence using those dictionary words.
- Passwords can not be repetitive or sequential characters (like "aaaaaa" or "12345").
- Passwords should be 8 to 64 characters.
- All ASCII and Unicode characters should be allowed in passwords, but not required. That means like now the use of alpha numeric character is not necessary.
Those guidelines have been released but that does not mean the different services that require passwords are going to start following them. It will take some to apply new guidelines. Some companies maybe follow those guidelines some won't.
If you have any queries, opinions, suggestions, and feedback tell me in comments below👇
If you have any queries, opinions, suggestions, and feedback tell me in comments below👇