The National Institute of Standards and Technology (NIST) has issued a new draft of its Digital Identity Guidelines. This section has some advanced, yet timely guidance about passwords. NIST likes to call them Memorized Secrets The strength of memorized secrets is explored in a beautifully concise and accurate manner in the appendix in the same section of the document. The document recommends that we no longer force periodic password changes and we. no longer should force complexity requirements. I plan to post a framed copy of this new model at my desk.”]
Source: https://grahamcluley.com/new-nist-guidelines-do-away-with-periodic-password-changes/

