Password Sensibilities

I’ve lost count of the number of organisations I’ve worked for that have adhered to the NIST (National Institute of Standards and Technology) password advice from back in 2003. I’ve scoffed every time I’ve looked around their offices to see (a sea of?) post-it notes with various passwords written down. Honestly, every 90 days?

Clearly they have people in charge of making security decisions who simply are not qualified to make them.

Finally, the author of those guidelines, NIST manager Bill Burr, has admitted that he was completely wrong.
