Password Safety Recommendation
Password security can be confusing, even to IT companies. Regulations and standards change constantly, and it’s not easy to stay on top of the latest recommendations from reputable sources like NIST (National Institute of Standards and Technology). It used to be that passwords should be changed every so often and include all kinds of special characters and numbers resembling something that is barely legible.
Recently, NIST released new recommendations that removed the need to change passwords every month or every few months. They found that forcing employees to change their passwords so often resulted in worsened password security as a direct result of that. NIST also changed the recommendation to require special characters and numbers. Now, they recommend longer passwords like a sentence because it is more secure than the previous recommendation.
Employees can rejoice because they no longer have to change their password every month! Passwords are now recommended to be longer, without symbols and numbers, and do not need to be changed constantly. IT departments are encouraged to screen passwords against known compromised passwords to avoid making any breaches or attacks easier for hackers.