Sorry, but you're doing your pa$$w0rds all wrong
Maintaining a set of strong, unique passwords is tough work these days — and yet it's never been more important. With so much time spent online, keeping digital ne'er-do-wells out of our accounts is a basic prerequisite for making it through the day.

But here's the thing: It turns out that the "strong" password requirements we've all come to know aren't actually helping. In fact, they may be doing more harm than good.

This news was first brought to our attention in May when experts at the National Institute of Standards and Technology (NIST) issued a draft report challenging many of our long-held assumptions about what makes a good password (what it calls a "memorized secret"). That draft was finalized in June, and it provides a comprehensive list of do's and don'ts when it comes to password hygiene. And while that NIST recommendation keeps some of the old favorites, it also packs a few surprises.

The do's:

Make your password at least 8 characters long. We knew this one already, and the basic advice to avoid short passwords hasn't changed. "Passwords that are too short yield to brute force attacks as well as to dictionary attacks using words and commonly chosen passwords," the NIST guidelines remind us.

Consider making it even longer. Have you ever had a password rejected because it was too long? Yeah, that's a bonkers thing that happens sometimes. The folks at NIST want to change that, and say that service providers should allow passwords of up to 64 characters in length. Take advantage of this and choose long passphrases to protect your accounts.

Keep your password as long as you'd like (within reason). Say goodbye to forced password resets every 90 days or so. Haven't been notified of a breach, or clicked on any shady links? Feel free to keep your password as is. Things get weird? Well, then that's when you should change your password.

Use a password manager. Password managers, like LastPass, allow you to have robust and unique passwords for each and every site. Use one — it's worth it.

The don'ts:

Throw out those special characters. Forget all the @'s, $'s, and &'s that you've come to accept as standard password requirements. You don't need those anymore. They just make it harder to remember your actual password, and they don't actually make it stronger.

Get rid of password hints. Password hints are trouble, as they make it easier for a stranger to guess their way into your account. Don't use them.

Stop it with the password reset questions. Answers to questions like "what was the name of your first pet" are hardly state secrets, and yet that's all some services require for a password reset. Skip these.

Avoid the "1234567" trap. Stay away from what NIST refers to as "repetitive or sequential characters." That means your password of "ffffffff" has to go, too.

Making your password the name of the service? Yeah, no. If the password for your Gmail account is "yournameGmail" then you're doing it wrong. Don't put the name of the service, your name, or any derivation thereof in your password.

Got it? Following this advice will benefit you in two ways, both by making it easier to remember your passwords and making them stronger. It's a rare and wonderful thing when taking your medicine actually tastes good, and yet that's the exact situation here. So embrace the new NIST guidelines, because when it comes to digital security they're the rare bit of good news.
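The checks listed in this article, written as the kind of acceptance function a service could run when a user sets a password. This is an added example, not code from NIST or from the article; the function names, the four-character run threshold, the 64-character cap and the tiny blocklist are assumptions made for illustration.

```python
MIN_LEN = 8    # minimum length given in the article
MAX_LEN = 64   # length the article says services should accept (used as the cap here)
RUN = 4        # assumption: 4+ repeated or sequential characters count as a run

# Constructed sample blocklist; a real service would load a large list of
# commonly chosen and breached passwords instead.
COMMON = {"password", "12345678", "qwertyuiop", "letmein1", "iloveyou"}


def has_run(pw, run=RUN):
    """True if pw contains `run` identical, ascending or descending characters in a row."""
    codes = [ord(c) for c in pw.lower()]
    for step in (0, 1, -1):          # 0 = "ffff", 1 = "1234", -1 = "dcba"
        count = 1
        for a, b in zip(codes, codes[1:]):
            count = count + 1 if b - a == step else 1
            if count >= run:
                return True
    return False


def check_password(pw, username="", service=""):
    """Return the reasons to reject pw; an empty list means it is accepted.

    No character-class rule is applied: symbols, digits and mixed case are
    allowed but never required, and spaces are fine, so passphrases pass.
    """
    problems = []
    if len(pw) < MIN_LEN:
        problems.append("shorter than 8 characters")
    if len(pw) > MAX_LEN:
        problems.append("longer than 64 characters")
    if pw.lower() in COMMON:
        problems.append("commonly chosen password")
    if has_run(pw):
        problems.append("repetitive or sequential characters")
    lowered = pw.lower()
    # Context-specific words: the account name and the name of the service.
    if any(w and len(w) >= 3 and w.lower() in lowered for w in (username, service)):
        problems.append("contains username or service name")
    return problems


if __name__ == "__main__":
    for candidate in ("correct horse battery staple", "ffffffff", "1234567"):
        print(repr(candidate), check_password(candidate) or "accepted")
```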