Below you'll find a list of all posts that have been tagged as “NIST 800-63b”
IDSA report reveals that 96% of respondents think they could have prevented a breach by focusing on identity security The Identity Defined Security Alliance (IDSA), a nonprofit that helps organizations reduce risk by providing education and best practices, just released a report on current trends in the state of identity management. The research provides insight on how over 500 contemporary …
Identity Defined Security Alliance’s “Identity Management Project of the Year – SMB” recognized Enzoic’s customer West-Mark for the results of an initiative that eliminated compromised credentials from their environment. West-Mark, an ISO 9001 certified manufacturer of trucks and trailers, is an essential supplier for the US Department of Defense and the United States military. However, their high-stakes position in the …
As tensions between the US and Russia escalate, organizations need to act fast to shore up digital defenses In a just-released briefing from the White House, titled “Act Now to Protect Against Potential Cyberattacks,” authorities urged government facilities, healthcare organizations, and companies of all types, to lock down their digital systems–urgently. Intelligence indicates that Russia may be exploring …
Data Privacy Day is a chance for businesses to engage with their customers and clients in a way that builds trust, inspires customer loyalty, and enhances the business’s reputation. When an organization demonstrates that they care about protecting consumers’ privacy–they are in effect letting clients know that their information, data, and choices are safe with the business. In 2022, this …
West-Mark is an ISO 9001 certified manufacturer of trucks and trailers based in the western United States. Their high-quality manufacturing process helped them become an essential supplier for the US Department of Defense and the United States military. However, being in this part of the nation’s supply chain makes West-Mark a potential target for cybercriminals. To manage the risk, West-Mark …
Password authentication isn’t going anywhere anytime soon. It’s part of our culture, users and employees are accustomed to it, and many systems depend on the “what you know” layer. Newer technologies like biometrics might work in certain situations, but they won’t replace passwords altogether anytime soon. In our series on password security, we’ve talked about some worrying trends, the myths …
National Institute of Standards and Technology (NIST) has been substantially revising its password guidelines since 2017. Previous recommendations have been changed, including combining symbols, letters, and numeric to create complex passwords; changing passwords frequently; or requiring users to generate passwords of a specified length. The changes address findings from NIST related to the human factors that cause users to create …
NIST recommends rejecting passwords used for online guessing attacks and also eliminating periodic password expiration- unless the password is compromised. While these requirements make sense given current cyber threats, they don’t precisely fit historic password policies. NIST has recommended new password policy guidelines for Active Directory that can help. So how can you easily implement a modern password policy? And …
Enable automated password policy enforcement with daily password auditing and customizable remediation. With compromised password detection, custom password dictionary, fuzzy matching with common character substitutions, and continuous ongoing monitoring; enterprises can easily adopt NIST password requirements and eliminate vulnerable passwords in Active Directory. Organizations can adopt NIST password standards to screen for weak, commonly-used, expected, and compromised passwords. Then they …
Reasons Why NIST Password Requirements Should Drive Your Password Strategy in 2021 Despite the doubters claiming that passwords will go the way of overhead projectors, they are still prevalent. They are still the backup factor for most other authentication solutions and show no sign of extinction because every organization has a password-supported infrastructure in place. Fortunately, the National Institute of …
