- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
Here is the text of the NIST sp800-63b Digital Identity Guidelines.
Here is the text of the NIST sp800-63b Digital Identity Guidelines.
One thing they should change is the word “password.” This implies that it’s a short string. Changing it to “passphrase” will help people feel comfortable choosing credentials like “correct horse battery staple.”
I recently set up a password with a 16 character max, alphanumeric only, no spaces. The service is in no way a security threat but still.
A couple years ago I ran into one with a 12 character limit…
I never understood password limits, other than something sufficiently large like 256 to prevent DOS. It’s not like the password is actually being stored anywhere… right? RIGHT??