NIST password guidelines

A Brief Summary of NIST Password Guidelines

National Institute of Standards and Technology (NIST) has been substantially revising its password guidelines since 2017. Previous recommendations have been changed, including combining symbols, letters, and numeric to create complex passwords; changing passwords frequently; or requiring users to generate passwords of a specified length. The changes address findings from NIST related to the human factors that cause users to create …

Creating a NIST Password Policy for Active Directory https://www.enzoic.com/creating-a-nist-password-policy-for-active-directory/

Creating a NIST Password Policy for Active Directory

NIST recommends rejecting passwords used for online guessing attacks and also eliminating periodic password expiration- unless the password is compromised. While these requirements make sense given current cyber threats, they don’t precisely fit historic password policies. NIST has recommended new password policy guidelines for Active Directory that can help. So how can you easily implement a modern password policy? And …

Root Passwords

Root Passwords: The Root of Password Problems

The average online user has over 90 accounts between personal and work accounts that require a password. That is a daunting number of unique passwords to memorize. In an effort to remember their passwords, most users will select common “root” words with easily guessable variations. These root passwords become predictable passwords when one becomes compromised. Password Expiration Policies The situation …

Recommendations For HIPAA Password Compliance: https://www.enzoic.com/hipaa-password-compliance/

Recommendations For HIPAA Password Compliance

What is HIPAA Password Compliance and How Healthcare Organizations Can Comply with these Authentication Guidelines. HIPAA (Health Insurance Portability and Accountability Act) was introduced in 1996 but has become increasingly prominent in recent years due to the rise of data breaches in the industry. Data breaches have been on the rise across all industries in the past five years, but …

NIST Password Standard Compliance

Introducing 1-Click NIST Password Standard Compliance & More

Introducing one-click NIST password standard compliance, user reporting which outlines users who are using compromised passwords, and root password detection to prevent users from using root passwords. Microsoft’s Active Directory is used widely across companies and industries throughout the world and unfortunately, it is one of the key targets for bad actors. Many organizations are adopting the use of password …

HITRUST & Password Policy: https://www.enzoic.com/hitrust-password/

HITRUST & PASSWORDS: 7 Important Password Policies for HITRUST

Our recommended healthcare password policies that complement and support HITRUST. Since its founding in 2007, HITRUST (Health Information Trust Alliance) champions programs that safeguard sensitive information and manage information risk for global organizations across all industries. HITRUST works with privacy, information security, and risk management leaders from the public and private sectors, to develop common risk and compliance management frameworks, …

NIST 800-171: Change of Characters in Passwords

NIST 800-171: Change of Characters in Passwords

Cybersecurity risks are a concern for every business, including the Federal government. Until the introduction of NIST 800-171, there was not a consistent approach between government agencies on how data should be handled, safeguarded, and disposed of. This caused a myriad of headaches, including security concerns, when information needed to be shared. After several high profile incidents culminating in the …

NIST Password Requirements for 2020

3 Key Elements of the NIST Password Requirements for 2021

Reasons Why NIST Password Requirements Should Drive Your Password Strategy in 2021 Despite the doubters claiming that passwords will go the way of overhead projectors, they are still prevalent. They are still the backup factor for most other authentication solutions and show no sign of extinction because every organization has a password-supported infrastructure in place. Fortunately, the National Institute of …