The US-based National Institute of Standards and Technology (NIST) is a government agency, producing guidelines that Australia’s own Australian Securities and Investments Commission (ASIC) tends to recommend.

Of importance in 2017 are the NIST password recommendations. The salient point is below:

What does this means for password selecting?

Make it random

But random passwords are hard to remember!

And here’s the trick

Good password examples:

BananasAndChicken-Yum$ – it’s 22 characters long
MyKidsDontLetMeSleep:( – also 22 characters
[email protected] – 25 characters

NIST recommends:

Go for password length & pass phrases

a minimum of 16 characters
make sure your password hints aren’t guessable
No single or permutations of dictionary words i.e. password or passw0rd

Passwords to change only when forgotten

Providing they are long & hard to guess

Use a password manager

Do your own due diligence to select a provider

Use Multi-factor Authentication (MFA)

Except for SMS which is not secure

Need help with any of this? Just call us!

What does this means for password selecting?

But random passwords are hard to remember!

Good password examples:

NIST recommends:

Go for password length & pass phrases

Passwords to change only when forgotten

Use a password manager

Use Multi-factor Authentication (MFA)

Related Posts

What Google learned from 1 billion evil email scams

How to lock down your Microsoft account and keep it safe from outside attackers

November spam roundup: Stalkers, property tips, porn, stern words and PayPal

Ransomware gangs are now cold-calling victims if they restore from backups without paying

The worst passwords of 2020 show we are just as lazy about security as ever!