The National Institute of Standards and Technology (NIST) has updated its password guidelines to emphasize length over complexity. Passwords of at least 15 characters are now deemed more secure than short, complex ones, because a long, simple phrase is harder to crack than a short, complex password. The new guidelines also discourage routine password changes, which often lead to weaker passwords; instead, a password should be changed only if there is a chance it has been compromised. Passphrases, consisting of random words or memorable phrases, are encouraged because they are both secure and easy to remember. Multi-factor authentication, which adds a second form of verification, is highly recommended for enhanced security. NIST advises organizations to eliminate confusing password requirements and security questions. Users should be allowed to set passwords up to 64 characters long. The updated guidelines aim to make password security less cumbersome and more effective while also prioritizing user convenience.
fastcompany.com
