NIST to Security Admins: You’ve Made Passwords too Hard

126

Despite the fact that cybercriminals stole more than 3 billion user credentials in 2016, users don’t seem to be getting savvier about their password usage. The good news is that how we think about password security is changing as other authentication methods become more popular.

Password security remains a Hydra-esque challenge for enterprises. Require users to change their passwords frequently, and they wind up selecting easy-to-remember passwords. Force users to use numbers and special characters to select a strong password and they come back with passwords like Pa$$w0rd.

Read more at InfoWorld