Company News

Excerpt: Virginia attorney Sharon Nelson provides password advice based on the National Institute of Standards and Technology (NIST).  First, requiring users to use complex passwords with capital letters, lowercase letters, special characters, etc. is actually less secure.  The same is true for short password expiration periods, such as a requirement to change passwords every 30 days.  It seems counter-intuitive at first, but when you think about it, it makes a lot of sense.  Passphrases, such as a bizarre sentence, are just as secure and are far easier to remember than something like j#(FlWFd19J$.  And requiring folks to change passwords frequently only results in people being more careless with their passwords, such as writing them down.  Sharon also notes that the best solution is to use a password manager, and I strongly agree with that.