Strong Password Policy Isnt Enough, Study Shows

  /     /     /  
Publicated : 23/11/2024   Category : security


Strong Password Policy Isnt Enough, Study Shows


New analysis reveals basic regulatory password requirements fall far short of providing protection from compromise.



A new look at a database of more than 800 million known-breached passwords reveals that 83% of them met basic security standards set by five different standards agencies. 
Minimum
password lengths
prescribed by NIST, HITRUST for HIPPS, PCI, ICO for GDPR, and Cyber Essentials for NCSC ranged from seven to 10 and included requirements for password complexity, special characters, and numbers — but none were enough to keep compliant passwords off the breached list, according to a new report from Specops Software. 
What this data really tells us is that there is a very good reason why some regulatory recommendations now include a compromised password check, said Darren James, product specialist at Specops Software, in a statement about the new
password policy
research. Complexity and other rules might help but the most compliant password in the world doesn’t do anything to protect your network if its on a hackers compromised password list.

Last News

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Strong Password Policy Isnt Enough, Study Shows