Lukasz OlejnikSep 24, 2024
GREAT change is approaching. NIST will standardise prohibition of requirement of composing passwords from various character styles, and requirement for periodic password changes. These are harmful and obsolete rules. Now they will be treated as a cybersecurity weakness https://pages.nist.gov/800-63-4/sp800-63b.html
NIST Special Publication 800-63B

NIST Special Publication 800-63B

Show threadIn3D.caSep 25, 2024

@LukaszOlejnik Finally I can stop storing nonsense answers to KBA questions in my password manager.

Why yes, my first pet's name was G0dzi11a7heHun, why do you ask?

Show threadスパックマン クリス

@in3dca @LukaszOlejnik

This! I actually had one site that (which I was on the phone with for some reason) said "oh, you'd like to use a secondary password instead of a security question?" and totally cool with it. I was shocked, in a good way.

Sep 25, 2024 at 9:42pmWeb