Nemeski@lemm.ee to Cybersecurity@sh.itjust.worksEnglish · 2 个月前NIST proposes barring some of the most nonsensical password rulesarstechnica.comexternal-linkmessage-square8fedilinkarrow-up191cross-posted to: cybersecurity@sh.itjust.workstechnology@lemmit.onlinetechnology@lemmy.world
arrow-up191external-linkNIST proposes barring some of the most nonsensical password rulesarstechnica.comNemeski@lemm.ee to Cybersecurity@sh.itjust.worksEnglish · 2 个月前message-square8fedilinkcross-posted to: cybersecurity@sh.itjust.workstechnology@lemmit.onlinetechnology@lemmy.world
minus-squareUID_Zero@infosec.publinkfedilinkEnglisharrow-up8·2 个月前Please don’t take those recommendations out of context. They also recommend MFA, but people only ever bring up the “no rotation” bit.
minus-squareZorsith@lemmy.blahaj.zonelinkfedilinkEnglisharrow-up5·2 个月前Are they at least recommending non-SMS MFA now?
minus-squarelinearchaos@lemmy.worldlinkfedilinkEnglisharrow-up4·2 个月前Emphasis was from the article, not mine. They also recommend not using knowledge based prompts, allowing at least 64: characters,
Please don’t take those recommendations out of context.
They also recommend MFA, but people only ever bring up the “no rotation” bit.
Are they at least recommending non-SMS MFA now?
Emphasis was from the article, not mine.
They also recommend not using knowledge based prompts, allowing at least 64: characters,