New password guidelines suggest everything we know about passwords is wrong

NIST declares new password guidelines

If, like me, you are tired of remembering complicated alphanumeric passwords, I have good news for you: NIST has announced new guidelines for passwords.

New password guidelines from NIST (the National Institute of Standards and Technology) suggest that the way we have been making passwords is not as secure as we think. The password guidelines we use today are the suggestions Bill Burr made in 2003.

We use lots of websites and apps every day, and it's hard to remember a different complicated password for each of them. It's no wonder so many people suffer document loss, account hacks and the like each year. The problem is not only that we use insecure passwords: as faster processors arrive, hackers also get more computing power for cracking passwords.

Since 2003, after applying Bill Burr's guideline, we have learned a lot about password security. All of that makes it harder for people to remember new complicated passwords. The guideline required people to change passwords every 90 days. Most of us just change a password like "password@1" into "password@2", which can be easily guessed.

The new guidelines stress longer passwords that don't have to be so complicated and only have to be changed after a security breach. They suggest longer passwords because, cryptographically, it's harder to break long passwords than shorter ones. Here are the requirements:

  • A new password can't be a known simple dictionary word, but we can use a sentence made of dictionary words.
  • Passwords cannot be repetitive or sequential characters (like "aaaaaa" or "12345").
  • Passwords should be 8 to 64 characters.
  • All ASCII and Unicode characters should be allowed in passwords, but not required. That means the use of alphanumeric characters, as required now, is not necessary.
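
The four requirements above written as a password-acceptance check. This is an added example, not code from the original post or from NIST: the `COMMON_WORDS` blocklist is a small constructed sample, and the function names are assumptions of this example.

```python
import unicodedata

# Constructed sample blocklist; a real service would load a large list of
# common and previously breached passwords instead.
COMMON_WORDS = {"password", "sunshine", "football", "iloveyou", "qwertyuiop"}
MIN_LEN, MAX_LEN = 8, 64  # length range from the list above


def is_repetitive(s):
    """True if s is one shorter unit repeated end to end ("aaaaaa", "abcabcabc")."""
    return len(s) > 1 and s in (s + s)[1:-1]


def is_sequential(s):
    """True if each character is exactly one code point above (or below) the last."""
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return steps in ({1}, {-1})


def check_password(password):
    """Return the list of rules the password breaks; empty means accepted."""
    # Normalising is a choice of this example: it makes visually identical
    # Unicode input compare equal. Length is counted in code points.
    pw = unicodedata.normalize("NFKC", password)
    problems = []
    if not MIN_LEN <= len(pw) <= MAX_LEN:
        problems.append("length")
    if pw.casefold() in COMMON_WORDS:
        problems.append("dictionary word")
    if is_repetitive(pw):
        problems.append("repetitive")
    if is_sequential(pw):
        problems.append("sequential")
    # Deliberately no rule demanding digits, capitals or symbols: any ASCII
    # or Unicode character is allowed, none is required.
    return problems


if __name__ == "__main__":
    for candidate in ["password", "aaaaaa", "12345678", "password@2",
                      "correct horse battery staple", "пароль из слов 🙂"]:
        print(repr(candidate), check_password(candidate) or "accepted")
```

An exact-match blocklist still accepts "password@2", so a real list has to contain such common variants as well.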

Those guidelines have been released, but that does not mean the different services that require passwords are going to start following them. It will take some time to apply the new guidelines. Some companies may follow them; some won't.

If you have any queries, opinions, suggestions or feedback, tell me in the comments below 👇


26 comments:

  1. Very helpful information. Thank you for sharing with us!

  2. Wow, I never knew there was a body that regulates passwords. That being said, having a longer password in the form of a sentence can be cool. Thanks for the info.

    Replies
    1. Glad you found this information helpful.
      Thank you.

  3. Oh my word, did not know there was a regulating body for this. It just gets harder every day, passwords everywhere, such a mission to remember all of them

    Replies
    1. Passwords protect you from online data theft. If you find it hard to remember all your passwords, you can use a password manager to keep track of all your passwords. (^_^)

  4. This is useful information. I will remember while changing my passwords next.

    ❥ tanvii.com

    Replies
    1. Glad you found this information useful. (^_^)

  5. This is a totally useful post! Thank you for sharing!

    Replies
    1. My pleasure, glad to hear from you that you find this information helpful. (^_^)

  6. Very helpful! I'll have to look into updating my passwords!

    -Nicole V

    Replies
    1. Thanks Nicole V.

      Sure, update your old passwords with strong ones. (^_^)

  7. Such good password tips and reminders. My husband always tells me to change it up.

    Replies
    1. Glad to know that you find these tips helpful. Your husband is right, you should update your password soon. (^_^)

  8. Very helpful post!... I am so bad with passwords.. I have recently learnt to not keep the same passwords for all sites!

    Replies
    1. Glad to hear that you find this post helpful. (^_^)
      Using different passwords for different sites will make them more secure. But you don't need to remember all of those; you can use a password manager.

  9. Great info! PW are already so much fun to deal with... LOL Thank goodness for Lastpass and other programs like that.

    Replies
    1. Thank you (^_^). Yes, really those programs helped us a lot.

  10. I am never good with passwords and setting up a new password. I do agree with having a new password for all websites.

    Replies
    1. Yes, eventually setting different passwords will save you from critical situations. (^_^)

  11. Wow! These are such helpful tips for everyone. I'll have to check and update my password now.

    Replies
    1. Glad to hear that you found this article helpful. (^_^)

  12. I'll keep this in mind when I'm changing my passwords. Never knew!

    Replies
    1. Yes, keep it in mind every time you are changing your password. Personally, I felt these guidelines can help me a lot because I'm not that good at remembering complicated passwords. (^_^)

  13. It's a good idea to mix in numbers too in your passwords.

    Replies
    1. Yes, mixing numbers and words is more secure. (^_^)
