HITRUST & Password Policy: https://www.enzoic.com/hitrust-password/

HITRUST & PASSWORDS: 7 Important Password Policies for HITRUST

Our recommended healthcare password policies that complement and support HITRUST. Since its founding in 2007, HITRUST (Health Information Trust Alliance) champions programs that safeguard sensitive information and manage information risk for global organizations across all industries. HITRUST works with privacy, information security, and risk management leaders from the public and private sectors, to develop common risk and compliance management frameworks, …

Automate Password Policy & NIST Password Guidelines

Enable automated password policy enforcement with daily password auditing and customizable remediation. With compromised password detection, custom password dictionary, fuzzy matching with common character substitutions, and continuous ongoing monitoring; enterprises can easily adopt NIST password requirements and eliminate vulnerable passwords in Active Directory. Organizations can adopt NIST password guidelines to screen for weak, commonly-used, expected, and compromised passwords. Then they …

NIST Password Requirements for 2020

3 Key Elements of the NIST Password Requirements for 2020

Reasons Why NIST Password Requirements Should Drive Your Password Strategy in 2020 Despite the doubters claiming that passwords will go the way of overhead projectors, they are still prevalent. They are still the back-up factor for most other authentication solutions and show no sign of extinction because every organization has a password-supported infrastructure in place. Fortunately, NIST has invested time …

Eliminating the Burden of Periodic Password Reset: The NIST 800-63b password guidelines include password policy changes that can improve everyone’s experience with passwords.

Eliminating the Burden of Periodic Password Reset

The NIST 800-63b password guidelines include password policy changes that can improve everyone’s experience with passwords, including eliminating the forced periodic password reset. The most publicized recommendation is throwing away password complexity rules and this recommendation is still hotly contested on many security forums. However, what really catches the attention of most Active Directory and system admins, is the instruction …


NIST Special Publication 800-63 is Final

The big changes to NIST password recommendations we’ve been talking about are now official: NIST 800-63 is final. It’s important to know that this overhaul is about more than just passwords. It’s a full reworking of digital identity guidelines with a suite of new documents and a flexible approach to using them.

Looking Closer at NIST Guidelines for Checking Compromised Credentials

NIST suggests passwords should be screened against commonly-used, expected, or compromised passwords. This is intended to ensure passwords are not found in common cracking dictionaries that would make them easy to guess. These checks can occur at account creation and password reset. But then what? How do you know if they are still safe after time?