Internet security has been a significant issue for many years. Particularly, the security of passwords is critical for users’ online experiences. The National Institute of Standards and Technology (NIST) is adopting a new approach in this matter and recommends using long passphrases instead of complex passwords.
The Negative Effects of Complex Passwords on Users
Traditionally, strong passwords were thought to need a complex combination of letters, numbers, and special characters. However, recent studies by NIST show that the length of passwords is more effective than their complexity. This means that long but easy-to-remember passwords can better ensure users’ security.
Complex passwords make it difficult for users to memorize each one individually. This situation leads to security risks such as passwords being written down or forgotten. Moreover, users often tend to use the same complex password across multiple sites and platforms because they struggle to remember it, which increases the security risk for different accounts.
With its new guidelines, NIST recommends users employ passphrases that are easy to remember but sufficiently long. This approach makes it easier to recall passwords while also significantly improving security. While these guidelines are specifically intended for government agencies, they also influence general internet security standards and enhance the online security of civilian users. Experts recommend that users update their password policies in accordance with these new guidelines.
