The National Institute of Standards and Technology (NIST) is a physical sciences laboratory and a non-regulatory agency of the United States Department of Commerce, that provides security guidelines, quality standards, and more for various industries. Being a federal agency, NIST guidelines are regarded as standards of the highest caliber, and government agencies are mandated to follow its guidelines. That is why even private organizations follow these guidelines.
NIST updated its password guidelines recently, implementing important changes that ensure the guidelines address current digital identity standards and needs. Our IT security expert will talk more about what’s new in the guidelines in our upcoming webinar. For example:
NIST now recommends using passphrases. The guidelines recommend using longer passwords over more complex ones. The debate between passphrases and passwords is a long-standing one. A study shows that the benefits of using longer passwords outshine the benefits of using complex passwords. The FBI also recommends passphrases. Passphrases are easier to remember, and thus, fewer password reset tickets are generated for the help desk.
Why is this relevant for remote working?
Since the onset of the pandemic, the world had paused, and then slowly resumed work. However, the hacking world proceeded, in full swing and undisturbed. Cyberattacks have risen in the past few months, especially phishing attempts that have soared by over 600 percent since the end of February. The trend doesn’t appear to be stopping. Although organizations have established good remote work policies, it’s still a fairly new strategy. Since attackers are targeting remote employees, their passwords are the most vulnerable to attacks, so it’s vital to have a strong password policy in place.
Join our webinar where our IT expert talks about this, and how you can use NIST guidelines to fortify the password security of your organization.