Challenging common beliefs about best practices in password hygiene.

The death of the password has long been predicted by hopeful security experts who lament the longstanding issues with the world's oldest authenticator. The truth is that the password is not only alive and kicking, but it still remains the dominant login credential in enterprise settings. Some 70% of organizations rely on a password-centric approach to authentication.

While organizations should definitely try to increase the penetration of multi-factor authentication (MFA) and password-less authenticators across their systems, in the meantime they should do what they can to improve the security of their existing credential systems. One thing to keep in mind is that a lot of new research and guidance in the last few years has changed industry consensus as to the best way of doing this.

 

The latest iteration of the NIST Digital Identity Guidelines (Special Publication 800-63B), for example, challenged conventional wisdom about password hygiene on several fronts. Read on to glean some of the latest in unconventional wisdom about passwords that cybersecurity leaders should know.

About the Author(s)

Ericka Chickowski, Contributing Writer

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights