Feeling safe with that complicated password? Think again, security experts say - complexity affects memorability and fosters unsafe practices

Feeling safe with that complicated password? Think again, security experts say - complexity affects memorability and fosters unsafe practices

Briefly

NIST's latest guidelines indicate that overly complex passwords are ineffective and dangerously insecure, emphasizing that users often opt for easily guessed variants for memorability.

ITProhttps://www.itpro.com/security/feeling-safe-with-that-complicated-password-think-again-security-experts-say-complexity-affects-memorability-and-fosters-unsafe-practices

The guidelines suggest that complex password rules can severely impact usability and memorability, leading users to settle on predictably simple variations of their passwords.

ITProhttps://www.itpro.com/security/feeling-safe-with-that-complicated-password-think-again-security-experts-say-complexity-affects-memorability-and-fosters-unsafe-practices

NIST argues that complex passwords create a new vulnerability; users tend to write them down or store them unsafely, thereby exposing themselves to more risks.

ITProhttps://www.itpro.com/security/feeling-safe-with-that-complicated-password-think-again-security-experts-say-complexity-affects-memorability-and-fosters-unsafe-practices

Instead of emphasizing complexity, NIST recommends focusing on password length while also acknowledging that other attacks like phishing are not affected by this change.

ITProhttps://www.itpro.com/security/feeling-safe-with-that-complicated-password-think-again-security-experts-say-complexity-affects-memorability-and-fosters-unsafe-practices