NIST password guidelines

A Brief Summary of NIST Password Guidelines

National Institute of Standards and Technology (NIST) has been substantially revising its password guidelines since 2017. Previous recommendations have been changed, including combining symbols, letters, and numeric to create complex passwords; changing passwords frequently; or requiring users to generate passwords of a specified length. The changes address findings from NIST related to the human factors that cause users to create …

Creating a NIST Password Policy for Active Directory https://www.enzoic.com/creating-a-nist-password-policy-for-active-directory/

Creating a NIST Password Policy for Active Directory

NIST recommends rejecting passwords used for online guessing attacks and also eliminating periodic password expiration- unless the password is compromised. While these requirements make sense given current cyber threats, they don’t precisely fit historic password policies. NIST has recommended new password policy guidelines for Active Directory that can help. So how can you easily implement a modern password policy? And …

NIST Password Requirements for 2020

3 Key Elements of the NIST Password Requirements for 2020

Reasons Why NIST Password Requirements Should Drive Your Password Strategy in 2020 Despite the doubters claiming that passwords will go the way of overhead projectors, they are still prevalent. They are still the back-up factor for most other authentication solutions and show no sign of extinction because every organization has a password-supported infrastructure in place. Fortunately, NIST has invested time …

7 Password Problems Solved by Enzoic Password Policy Enforcement

7 Password Problems Solved by Enzoic Password Policy Enforcement

There are many excellent password policy enforcement tools built into Active Directory. But the out-of-the-box AD functionality does not meet all the password standards and new password policy recommendations from NIST and other regulatory organizations. What can organizations do regarding password policy enforcement to increase security and decrease user friction, cost-effectively? The perfect storm of weak passwords More than 21 …

Enzoic for Active Directory

Introducing Continuous Password Protection for Active Directory

The Industry’s 1st Active Directory Plugin That Helps Organizations Prevent Use of Compromised Passwords According to NIST 800-63b Guidelines.   Passwords remain the primary method for protecting employee accounts yet passwords also continue to be a major threat vector to businesses and organizations year-after-year because of use of unsafe credentials.  According to Verizon’s 2019 Data Breach Investigations Report, 29% of …

Eliminating the Burden of Periodic Password Reset: The NIST 800-63b password guidelines include password policy changes that can improve everyone’s experience with passwords.

Eliminating the Burden of Periodic Password Reset

The NIST 800-63b password guidelines include password policy changes that can improve everyone’s experience with passwords, including eliminating the forced periodic password reset. The most publicized recommendation is throwing away password complexity rules and this recommendation is still hotly contested on many security forums. However, what really catches the attention of most Active Directory and system admins, is the instruction …