While we read the National Institute of Standards and Technology Special Publication 800-63 "Digital Identity Guidelines" for fun and have no problem implementing it in a web app written in LISP running in a containerised FIPS 140-2 compliant GhostBSD image using a custom Kerberos and Hesiod service hosted on Baidu Cloud, the kind folks at @1password have summarised the latest draft of in a most useful way.
"NIST proposed password updates: What you need to know"
https://blog.1password.com/nist-password-guidelines-update/
It would be in poor taste to suggest that the NIST enforcement division rapid response team start kicking down some office doors and branding SP 800-63B on certain developers' foreheads, so I won't mention it.
https://pages.nist.gov/800-63-4/sp800-63b.html
[#]Passwords #Authentication #NIST #SP800_63 #InfoSec #CyberSecurity #DALLE #HRGiger
=> More informations about this toot | More toots from AJCxZ0@infosec.exchange
text/geminiThis content has been proxied by September (3851b).