The National Institute of Standards and Technology (NIST) has changed its recommendations for passwords. The new password format recommendations are below.
The old rules are gone: required numbers, symbols, upper- and lower-case letters, length requirements, and avoiding real words or numbers identified with the user.
That means no more passwords like Pa$$word!, HR!sgr8t, or 20!7ChevTruck$.
The new recommendations
A password should still be long, but should now be a phrase, sentence or a series of associated words.
You could use a line from a movie or a song that includes upper- and lower-case letters, with some extra vowels or small words dropped in.
An example from the IRS: SunWalkRainDrive
Because these phrases are familiar, they are easier for you to remember, according to the NIST. And since they are familiar, you might be less likely to write them down on the piece of paper sitting right next to your computer keyboard. At the same time, they are harder for a hacker to crack.
These are the recommended steps from the NIST for creating your passwords:
- Use items that have meaning to you.
- Use associations unique to you. Passwords should be words that go together in your mind – words that wouldn’t go together in someone else’s mind. For example, items that are in your living room: BlueCouchFlowerBamboo. Avoid items others could guess, such as your kids’ names.
- Create a password that you can picture in your mind – such as the example of the items in your living room.
The IRS recommends using passwords not only for your desktop software, but also for your online accounts, using a different password for each account or program.
I’m guilty of using the same password across all accounts just because it’s easy to remember! Managing passwords is MUCH easier with a password manager program.
The best recommendation is to use multifactor authentication, when it is available. This may include a fingerprint, or a code texted to your smartphone to allow access to your account.