Alas, new NIST guide says password protection-by-sticky notes no longer cuts it

Opinion
Apr 23, 20091 min

A better idea, according to NIST, would be to take a read through its new “Guide to Enterprise Password Management.”

The guide is written for federal government agencies but much applies to any organization concerned about network security. It covers password policy implementation, user education and identifying threats against password protection. The notes that coming up with strong passwords is no longer the be all, end all solution in that phishing and other non-brute force attacks are designed to work around such protections.

Do you Tweet? Follow me on Twitter here