The US-based National Institute of Standards and Technology (NIST) is a government agency that produces guidelines which Australia’s own Australian Securities and Investments Commission (ASIC) tends to recommend.

Of importance in 2017 are the NIST password recommendations. The salient point is below:

What does this mean for password selection?

  1. Make it random

But random passwords are hard to remember!

And here’s the trick

Good password examples:

  • BananasAndChicken-Yum$ – it’s 22 characters long
  • MyKidsDontLetMeSleep:( – also 22 characters
  • [email protected] – 25 characters

NIST recommends:

Go for password length & pass phrases

  • a minimum of 16 characters
  • make sure your password hints aren’t guessable
  • No single dictionary words or permutations of them, e.g. password or passw0rd
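The length and dictionary-word rules above can be enforced at password-set time. The following is an added example, not code from NIST or from this post; the function names, the tiny wordlist and the substitution table are constructed assumptions for illustration.

```python
import re

MIN_LENGTH = 16  # minimum length stated in the list above

# Constructed sample wordlist; a real deployment would load a large
# dictionary or breached-password list instead.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "letmein"}

# Assumed table of common character substitutions, undone before lookup.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def normalise(candidate: str) -> str:
    """Drop padding digits/symbols at both ends, undo substitutions,
    lower-case, and keep letters only."""
    core = re.sub(r"^[^A-Za-z@$]+|[^A-Za-z]+$", "", candidate)
    return re.sub(r"[^a-z]", "", core.lower().translate(LEET))


def is_dictionary_permutation(candidate: str, words=SAMPLE_WORDS) -> bool:
    """True if the candidate reduces to one dictionary word, possibly
    repeated back to back (e.g. passw0rd, Password123!, Passw0rdPassw0rd)."""
    core = normalise(candidate)
    if not core:
        return False  # no letters at all: not a dictionary word
    for word in words:
        repeats, remainder = divmod(len(core), len(word))
        if remainder == 0 and core == word * repeats:
            return True
    return False


def check_password(candidate: str) -> list[str]:
    """Return the rules the candidate breaks (empty list = accepted)."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if is_dictionary_permutation(candidate):
        problems.append("single dictionary word or a permutation of one")
    return problems


if __name__ == "__main__":
    for pw in ("BananasAndChicken-Yum$", "passw0rd", "Passw0rdPassw0rd"):
        print(pw, "->", check_password(pw) or "accepted")
```

Note that `Passw0rdPassw0rd` meets the 16-character minimum and is still rejected, which is why the length rule and the dictionary rule are checked separately.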

Change passwords only when forgotten

  • Providing they are long & hard to guess

Use a password manager

  • Do your own due diligence to select a provider

Use Multi-factor Authentication (MFA)

  • Except for SMS, which is not secure

Need help with any of this? Just call us!

