Password

24th December 2019 | Cybrary Password

Password authenticity graphic

 

Image Source

A password is a string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization.

Early password advice from NIST in 2003 was to use 9-character, complex passwords (UPPERCASE, lowercase, special characters !@#$%, and numbers) and to be changed every 90 days. In 2017, NIST amended its advice because the consequences of their early advice was less secure than their new advice.

2017 NIST password Advice was to migrate companies to 14+ character passphrases that did not require complexity nor expire.

Related Terms: Password Manager, Passphrases

Source: FIPS 140-2

To learn more about passwords, passphrases, and password managers, watch this short video:

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’. Sign up for the monthly newsletter to help CyberHoot with their mission of making the world ‘More Aware and More Secure!’

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Top 10 Emerging AI-Based Threats Every Business Must Prepare For

Top 10 Emerging AI-Based Threats Every Business Must Prepare For

Artificial Intelligence (AI) is transforming productivity and efficiency, but it’s also arming cybercriminals...

Read more
Microsoft Rolling Out Token Protection: Practical Guidance for MSPs

Microsoft Rolling Out Token Protection: Practical Guidance for MSPs

Part 2 of Our Microsoft Entra Security Series In Part 1, we explored how Microsoft’s Token Protection...

Read more
Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change

Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change

For years, organizations have relied on fake email phishing simulations to measure employee resilience to...

Read more