Passwords are difficult for most people. We’re just not wired to retain that information properly. Humans are far better at remembering a sentence than a complex P@ssW0rD!
Luckily NIST has finally caught up to Biztactix in recommending the following:
- Dropping automatic password resets – No more changing passwords every 3 months!
- Forget complex passwords: people make far worse passwords on purpose to be able to remember them
- Two-factor authentication should be used
At Biztactix we’ve been doing all but the two-factor as the BARE MINIMUM. If you don’t understand why, check out XKCD, who did a funny but entirely accurate assessment:
https://xkcd.com/936/
We’re glad that people will be able to start using sane passwords in governments soon, as I’m sure plenty of people had passwords taped to their screens because of all the hoops!
