Hacker News new | ask | show | jobs
by chgs 672 days ago
Password resets should only be performed if it is suspected a password has been compromised.

Complex passwords also should not be required

NIST Special Publication 800-63B – Digital Identity Guidelines.

https://www.netsec.news/summary-of-the-nist-password-recomme...
1 comments
tdiff 671 days ago
Thanks!
link