1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • The UK government thinks it has a bright idea about how to streng

    From TechnologyDaily@1337:1/100 to All on Mon Aug 9 14:00:04 2021
    The UK government thinks it has a bright idea about how to strengthen your passwords

    Date:
    Mon, 09 Aug 2021 12:51:59 +0000

    Description:
    NCSC extols controversial password policy over the established procedure of creating complex strings.

    FULL STORY ======================================================================

    Amidst a push for passwordless authentication , a 2016 document from the UKs National Cyber Security Centre (NCSC) advising people to use three random words as passwords, instead of creating complex strings, has stirred up quite a storm, compelling the organization to further explain their guidance.

    The NCSC argues that asking users to create a complex string of counter-intuitive passwords based on a set of rules, in fact helps malicious actors brute force them being aware of the rules and existing password patterns.

    It further suggests that since it is laborious to create complex passwords , the practice encourages the habit of password reuse . TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix
    so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    Click here to start the survey in a new window << Heres our list of the best business password managers These are the best identity management services Weve also rounded up the best security keys

    Passwords generated from three random words help users to create unique passwords that are strong enough for many purposes, and can be remembered
    much more easily. This is also good for those who aren't aware of password managers , or are reluctant to use them, suggests Kate R, People Team Lead, Sociotechnical Security Group, NCSC. Responding to criticism

    NCSCs suggestion for the use of three random words has been panned by several quarters.

    Responding to the criticism though, NCSC addresses all concerns in its new blog post. It first suggests that while it is true that there are algorithms for brute forcing three random words, they cant be used as easily as algorithms for brute forcing rule-based passwords.

    It also believes that it isnt just its suggestion that can create weak passwords, and that rule-based passwords can be just as weak.

    To overrule this concern, the NCSC suggests mandating a minimum length requirement combined with the application of password deny lists .

    Adam Philpott, EMEA President, McAfee Enterprise has come in support of the NCSCs suggestion saying that businesses must implement their advice.

    Failing to understand the importance of password security will provide cybercriminals with unlimited opportunities, especially as we continue to shift to a hybrid working model," adds Philpott.

    However, while the NCSC suggests the use of three random words result in far sturdier passwords than rule-based unintuitive strings, it acknowledges that the strategy will only really be effective when used alongside secure
    storage. Protect your devices with these best antivirus software



    ======================================================================
    Link to news story: https://www.techradar.com/news/the-uk-government-thinks-it-has-a-bright-idea-a bout-how-to-strengthen-your-passwords/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)