Lukasz OlejnikSep 24, 2024
GREAT change is approaching. NIST will standardise prohibition of requirement of composing passwords from various character styles, and requirement for periodic password changes. These are harmful and obsolete rules. Now they will be treated as a cybersecurity weakness https://pages.nist.gov/800-63-4/sp800-63b.html
NIST Special Publication 800-63B

NIST Special Publication 800-63B

Show threadBindestrichSep 25, 2024
@LukaszOlejnik why is different Charakter sets a Bad idea?
Show threadP4
@Bindestriche @LukaszOlejnik it's a bad idea to make specific characters mandatory. Don't force users to tweak their randomly generated high-entropy passwords just because the RNG didn't roll at least two digits or something silly like that.
Sep 25, 2024 at 4:07pmWeb