The US-based National Institute of Standards and Technology (NIST) is a government agency that produces guidelines which Australia’s own Australian Securities and Investments Commission (ASIC) tends to recommend.

Of importance in 2017 are the NIST password recommendations. The salient point is below:

What does this mean for password selection?

  1. Make it random

But random passwords are hard to remember!

And here’s the trick

Good password examples:

  • BananasAndChicken-Yum$ – it’s 22 characters long
  • MyKidsDontLetMeSleep:( – also 22 characters
  • [email protected] – 25 characters

How to set a good password in 2022. NIST recommends:

Go for password length & passphrases

  • a minimum of 16 characters
  • make sure your password hints aren’t guessable
  • No single dictionary words or permutations of them, e.g. password or passw0rd
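
The length and dictionary-word rules above can be checked automatically when a password is set. The sketch below is an added example, not code from NIST or from this page; the word list, the substitution table and the function names are assumptions made for illustration.

```python
import re

MIN_LENGTH = 16  # minimum length stated on this page

# Constructed sample word list; a real deployment would load a full
# dictionary plus a list of known-breached passwords.
SAMPLE_WORDS = {"password", "welcome", "dragon", "incomprehensibilities"}

# Common look-alike substitutions, undone before the dictionary lookup.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def variants(candidate):
    """Return normalised forms of the candidate to look up in the word list."""
    text = candidate.lower()
    # Drop digits/symbols padded onto the end, then onto the start as well.
    trailing = re.sub(r"[^a-z]+$", "", text)
    both = re.sub(r"^[^a-z]+", "", trailing)
    return {form.translate(LEET) for form in (text, trailing, both)}


def check_password(candidate):
    """Return the list of rule violations; an empty list means accepted."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if variants(candidate) & SAMPLE_WORDS:
        problems.append("single dictionary word or a permutation of one")
    return problems


if __name__ == "__main__":
    # Constructed inputs: two passphrases from this page, two weak choices.
    for pw in ("BananasAndChicken-Yum$", "MyKidsDontLetMeSleep:(",
               "passw0rd", "Incomprehensibi1ities!"):
        print(pw, "->", check_password(pw) or "accepted")
```

The last sample input is long enough to pass the length rule but is still rejected, because undoing the digit substitution and the trailing symbol leaves a single dictionary word.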

Change passwords only when forgotten

  • Provided they are long & hard to guess

Use a password manager

  • Do your own due diligence to select a provider

Use Multi-factor Authentication (MFA)

  • Except for SMS, which is not secure

Need help with any of this? Just call us!