Complex passwords that use a combination of characters and change them frequently are no longer the best way to manage passwords, according to new guidance released by the National Institute of Standards and Technology (NIST), which develops and publishes guidelines to help organizations protect their information systems.
For years, complex passwords, combining uppercase and lowercase letters, numbers, and symbols, have been favored by experts and service providers because they are believed to make passwords harder to guess or crack through brute force attacks.
However, complex passwords are counterproductive and actually weaken security. Complex passwords encourage users to develop bad habits such as choosing simple passwords or reusing old passwords.
In its latest guidelines, NIST has encouraged using longer passwords instead of complex passwords.
The first reason is that people often have trouble remembering complex passwords, which leads them to use passwords that are easy to guess or to use the same password for multiple sites. This is exacerbated by the fact that many organizations require you to change your password every 60 to 90 days, which NIST no longer recommends.
Password strength is often measured by entropy, the number of possible combinations that can be created using the characters in the password. The higher the number of combinations, the harder the password is to crack using brute force or guessing methods.
Length plays a much larger role in the number of possible combinations than complexity. A longer password with more characters has exponentially more possible combinations.
The second reason is that long passwords with many simple words are easier to remember, ensuring users don't resort to unsafe practices like writing down passwords or reusing them.
Additionally, long passwords, due to the large number of possible combinations, are more difficult for complex algorithms to crack than short, complex passwords.
For example, changing a password from 4 digits to 6 digits increases the number of possible combinations from 10,000 to 1,000,000.
NIST recommends that users create passwords that are up to 64 characters long. A password that uses only lowercase letters and words is extremely difficult to crack, while one that includes uppercase letters and symbols becomes mathematically impossible to crack.
Struggling with Microsoft Teams "Download Error" on PC? Discover proven, step-by-step fixes to resolve download failed issues quickly. Get back to seamless collaboration in minutes—no tech skills needed!
Stuck with Microsoft Teams "Error L" License error? Follow this step-by-step troubleshooting guide to resolve licensing issues quickly, restore access, and boost productivity without IT hassle. Updated with latest fixes.
Tired of Microsoft Teams video call freezing mid-meeting? Follow this proven troubleshooting Microsoft Teams video call freezing guide with quick fixes, advanced tips, and real solutions to restore smooth video instantly.
Frustrated by Microsoft Teams 'Download Failed Due to Unexpected Error'? Discover proven, step-by-step solutions to fix this common issue quickly and get back to seamless collaboration. Updated with the latest fixes for peak performance.
Frustrated because your Microsoft Teams recording failed? Uncover the top common reasons like permissions issues, storage limits, and network glitches, plus step-by-step fixes to prevent future failures and record flawlessly every time.
Struggling with Microsoft Teams "Error B" connection? Discover step-by-step fixes for smooth connectivity. Clear cache, check networks, and more in this ultimate guide to resolving Error B instantly.
Tired of the frustrating Microsoft Teams "Application Is In A Bad State" error crashing your meetings? Discover proven, step-by-step fixes to resolve it quickly and restore smooth teamwork. Updated with the latest solutions.
Discover simple steps to check your Microsoft Teams version history and build number on desktop, web, and mobile. Stay updated with the latest features and fixes effortlessly. Perfect for IT pros and everyday users.
Tired of Microsoft Teams "Uninstall Error" Stuck? Discover proven, step-by-step fixes to completely remove Teams from your PC. Works on latest Windows versions – no tech skills needed!
Facing the frustrating Microsoft Teams "Where is My Team?" error? Discover step-by-step troubleshooting tips, common causes, and quick fixes to resolve it instantly and resume seamless collaboration. Updated with the latest solutions.
Tired of Microsoft Teams VDI errors crashing your virtual machine calls? Get step-by-step fixes for audio glitches, video freezes, and optimization issues on Citrix, VMware, or RDP setups. Boost productivity now!
Struggling with Microsoft Teams Error AADSTS70011? Discover step-by-step fixes for invalid scope errors, clear cache tips, and quick authentication resets to get back to seamless collaboration in minutes. Updated with latest Teams patches.
Stuck with Microsoft Teams unknown error "Something Went Wrong"? Discover quick, effective troubleshooting steps to resolve it instantly. Updated with the latest fixes for seamless collaboration.
Is Microsoft Teams download not working on your PC? Discover proven fixes for installation errors, slow downloads, and crashes. Get Teams running smoothly in minutes with our step-by-step guide.
Tired of the frustrating Microsoft Teams Wiki Tab Missing error? Follow our proven, step-by-step guide to restore your Wiki tab instantly and boost team collaboration without hassle.
