Lukasz OlejnikSep 24, 2024
GREAT change is approaching. NIST will standardise prohibition of requirement of composing passwords from various character styles, and requirement for periodic password changes. These are harmful and obsolete rules. Now they will be treated as a cybersecurity weakness https://pages.nist.gov/800-63-4/sp800-63b.html
NIST Special Publication 800-63B

NIST Special Publication 800-63B

Show threadObsurveyor
@LukaszOlejnik This is awesome! I had arguments with co-worker programmers at work *years* ago because I didn't enforce some arbitrary character set requirement and this was for a password for an internal, opt-in personal wellness program(i.e. not very important).
Sep 25, 2024 at 3:13amWeb