AmicitasSep 26, 2024

NIST proposes barring some of the most nonsensical password rules

https://lemmy.world/post/20190319

NIST proposes barring some of the most nonsensical password rules - Lemmy.World

Here is the text of the NIST sp800-63b [https://pages.nist.gov/800-63-4/sp800-63b.html] Digital Identity Guidelines.

Show threadumami_wasabiSep 26, 2024

the document is nearly impossible to read all the way through and just as hard to understand fully

It is a boring document but it not impossible to read through, nor understand. The is what compliances officer need to read through and understand. I have a (useless) cybersecurity degree and reading NIST publications is part of my lecture.

Show threadToriborSep 26, 2024

My career as a sysadmin consistently has me veering toward security and compliance and my brain is absolutely fried on trying to figure out what these huge docs actually mean, how they apply to the things I’m responsible for and what we’re supposed to do about it.

Props to all the folks that can do it without losing their mind.

Show threadcatloaf
You break it down into chunks and delegate. They’re not expecting any one person to implement the whole thing.
Sep 26, 2024 at 3:23amWeb
Show threadToriborSep 29, 2024

They’re not expecting any one person to implement the whole thing.

Hahaha, tell that to leadership! 😩