PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
February 2017, Vol. 19, No. 1

What new NIST password recommendations should enterprises adopt?

The National Institute for Standards and Technology, or NIST, is creating new guidelines for password policies, which will be adopted by the U.S. government. The Digital Authentication Guideline is up for public preview on GitHub and NIST's website. What are some of the significant changes in NIST's recommendations? Should enterprises consider adopting these password recommendations? Many enterprises and online services are looking to replace the much maligned password. Several financial service companies, for example, are rolling out biometric authentication options for their customers, and Google offers the option of two-factor authentication, where a verification code is sent to a user's mobile phone. However, there's still no universally accepted alternative to the password. So, despite its weaknesses, both in terms of security and practical use, many systems rely on it -- even if only as a fail-safe for when a user's fingerprint or voice can't be correctly identified. Since passwords are here to stay for a while longer, ...

Features in this issue

Columns in this issue

Enterprise Desktop
Cloud Computing