Announcement of 28. August 2017

Are complex passwords a thing of the past?

G DATA security expert Tim Berghoff explains the NIST recommendation in his latest blog article.

Password rules are a regular source of frustration in many businesses. Employees are forced to change their passwords on a regular basis which comply with certain rules. For instance, a password must be of a certain length, have lower and upper case characters, special characters as well as digits. The point of those rules was to prevent people from using trivial and easy-to-guess passwords. These well-meaning rules have given rise to passwords such as „P@$$w0rd”. While meeting all required criteria, is often replaced with an iteration a few weeks down the line, because people like to make life easy for themselves. The new password then is “P@$$w0rd2”. A couple of weeks later, it is „P@$$w0rd3“, and so forth. From an attacker’s point of view, though, those passwords are easy to crack using specialized soft- and hardware. The latest password security recommendations from NIST aim to solve this conundrum and make this type of passwords a thing of the past. G DATA security expert Tim Berghoff explains some of the details from the NIST recommendation in his latest blog article.

The article is available one the G DATA Security Blog.

Media:

Announcement of 28. August 2017

Contact

G DATA Software AG
G DATA Campus
Königsallee 178
D-44799 Bochum

Phone: +49-234-9762-239
E-Mail: presse@remove-this.gdata.de

Kathrin Beckert-Plewka
Public Relations Manager
Phone: +49 (0) 234 - 9762 507
E-Mail: kathrin.beckert@remove-this.gdata.de

Christian Lueg
Public Relations Manager
Phone: +49 (0) 234 - 9762 160
E-Mail: christian.lueg@remove-this.gdata.de

Dominik Neugebauer
Public Relations Manager
Phone: +49 (0) 234 - 9762 610
E-Mail: dominik.neugebauer@remove-this.gdata.de