The U.S. Government has introduced updated password security guidelines through the National Institute of Standards and Technology (NIST), emphasizing longer, more user-friendly passwords over traditional complexity rules. These guidelines focus on password length, recommending at least 8 characters, with a preference for up to 64 characters, and eliminating mandatory periodic password changes unless a compromise is detected.
The guidelines also advocate against using password hints and outdated authentication questions, promoting secure password storage through techniques like salted hashing. Additionally, NIST encourages the integration of multi-factor authentication (MFA) to strengthen cybersecurity across digital platforms.
