NIST has revised their guidelines on password restrictions. These were the guys back in 2003 that said at least 8 chars, 1 upper case, one number, one special char. Study after study has shown that this rule makes passwords less secure (read the article). But everyone keeps using this old antiquated rule.
Has anyone had any success in getting their team to stop doing this?
https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/
#UX #passwords
Scott Jenson /
npub1rx…qjq60
2023-09-01 20:55:30
Author Public Key
npub1rxsaaak8vdzlfg3lcsg2vnx8v9vnf98ec55v6qv0g4xhqu22kpzq9qjq60Published at
2023-09-01 20:55:30Event JSON
{
"id": "c69e7d4108dd85184ef062b0ab1c33772a944d8e115cf0d0685c7d2574ae145a",
"pubkey": "19a1def6c76345f4a23fc410a64cc761593494f9c528cd018f454d70714ab044",
"created_at": 1693594530,
"kind": 1,
"tags": [
[
"t",
"ux"
],
[
"t",
"passwords"
],
[
"proxy",
"https://social.coop/users/scottjenson/statuses/110991411172651029",
"activitypub"
]
],
"content": "NIST has revised their guidelines on password restrictions. These were the guys back in 2003 that said at least 8 chars, 1 upper case, one number, one special char. Study after study has shown that this rule makes passwords less secure (read the article). But everyone keeps using this old antiquated rule.\n\nHas anyone had any success in getting their team to stop doing this?\nhttps://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/\n#UX #passwords",
"sig": "f5fba6da8f55e4cd108c5c3c1fcf2ddf0d2361f36411bc362e710ae63a7b5462e09e12b224feebce4ad62e257b7bc5d9360c2ae022cd8ab7197dad9a2a36a6a3"
}