NIST 800-63B
Fortifying End-User Password Defences: Implementing NIST 800-63B Recommendations
The evolving landscape of cyber threats demands ever-stronger user authentication measures. Recognizing this, the National Institute of Standards and Technology (NIST) established NIST Special Publication 800-63B: a comprehensive set of best practices for digital identity and lifecycle management, including crucial insights for bolstering password security.
NIST-Recommended Actions
1. Thwarting Recycled Passwords: Breached password lists are treasure troves for attackers. Implementing real-time checks against these lists during password creation prevents users from unwittingly employing compromised credentials. This proactively mitigates the risk of unauthorized access through recycled passwords.
2. Dictating Password Diversity: Banishing simple dictionary words from the password lexicon is essential. Consider incorporating a dynamic, context-aware dictionary that evolves alongside real-world threats. This dynamic approach proactively blocks predictable passphrases, while staying agile against emerging attack vectors.
3. Curbing the Sequential: Preventing repetitive or incremental passwords like "password123" and "password124" eliminates predictable patterns vulnerable to brute-force attacks. Enforce a minimum password history to ensure users move beyond sequential iterations.
4. Context is Not King: Disallowing context-specific words related to usernames, employee IDs, or personal information significantly reduces the risk of guessable passwords. This mitigates the threat of social engineering attacks or compromised internal databases exposing context-sensitive details.
5. Length Matters More Than Complexity: The longstanding myth of complex password requirements has been debunked. NIST emphasizes prioritizing password length. Enforce a minimum of 12 characters, ideally longer, to significantly enhance password strength.
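A password-screening function that applies the five checks above at password-creation time, as an added example rather than code from MyID PSM or NIST. The breach set, dictionary, user details and history are constructed stand-ins; a real deployment would query a breach database and a larger dictionary. The 12-character minimum follows the figure given above.

```python
import re
from typing import Iterable

# Constructed sample data standing in for a breach corpus and a banned-word dictionary.
BREACHED = {"password123", "letmein", "qwerty123456"}
DICTIONARY = {"password", "welcome", "summer", "dragon"}
MIN_LENGTH = 12  # minimum length recommended in the text above

_STEM_RE = re.compile(r"(.*?)(\d*)", re.DOTALL)  # splits "password123" -> ("password", "123")


def context_terms(username: str, personal: Iterable[str]) -> set[str]:
    """Terms a password must not contain: the username, its local part, and personal details."""
    terms = {username, username.split("@")[0], *personal}
    return {t.lower() for t in terms if len(t) >= 3}  # ignore very short fragments


def is_trivial_variant(candidate: str, previous: str) -> bool:
    """True when candidate is a previous password with only its trailing digits changed."""
    cand_stem = _STEM_RE.fullmatch(candidate).group(1).lower()
    prev_stem = _STEM_RE.fullmatch(previous).group(1).lower()
    return cand_stem == prev_stem and candidate.lower() != previous.lower()


def screen_password(password: str, username: str, personal: Iterable[str],
                    history: Iterable[str]) -> list[str]:
    """Return the list of policy violations; an empty list means the password is accepted."""
    problems = []
    p = password.lower()
    if len(password) < MIN_LENGTH:                                # check 5: length
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if p in BREACHED:                                             # check 1: breach list (case-insensitive)
        problems.append("appears in breach database")
    if any(word in p for word in DICTIONARY):                     # check 2: dictionary words
        problems.append("contains a dictionary word")
    if any(term in p for term in context_terms(username, personal)):  # check 4: context
        problems.append("contains username or personal detail")
    for old in history:                                           # check 3: history / increments
        if p == old.lower():
            problems.append("reused from password history")
            break
        if is_trivial_variant(password, old):
            problems.append("trailing-number variant of a previous password")
            break
    return problems


if __name__ == "__main__":
    for pw in ("password124", "Jsmith-E12345-2024!", "correct horse battery staple"):
        print(pw, "->", screen_password(pw, "jsmith@example.com", ["Smith", "E12345"], ["password123"]) or "accepted")
```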
MyID PSM and NIST compliance
MyID PSM goes beyond mere compliance, enhancing user experience through features such as password self-service, which vastly reduces an organisation's help desk costs for changing passwords. Implementing MyID PSM empowers your organisation to achieve the right balance between robust security and user convenience. By adopting these NIST-recommended practices and leveraging the comprehensive capabilities of MyID PSM, organisations can significantly strengthen their employees' password defences, ultimately mitigating some of the risk of unauthorized access and data breaches.
Leveraging MyID PSM for Seamless Compliance
MyID Password Security Manager (MyID PSM) empowers organizations to effortlessly implement and manage these NIST-recommended measures. MyID PSM's robust features directly address each guideline:
Password Breach Database
Our Password Breach Database receives in excess of three million updates each day. It is the leading enterprise collection consisting of 8 billion compromised clear text credentials, making it 55% more substantial than widely shared free databases.
We gather data from an array of sources, such as mainstream news outlets, online forums, torrents, paste bins and other areas of the dark web. The preserved data is subsequently cleansed and assessed for its credibility before integration into the database.
Our password breach database has numerous benefits, including:
- Protecting Your Business Reputation
- Preventing Poor Password Practice
- Avoiding Excessive Data Fines
- Ensuring NIST SP 800-63B Compliance
Trusted by Governments and Enterprises Worldwide
Where protecting systems and information really matters, you will find Intercede. Whether it's citizen data, aerospace and defence systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organizations around the world choose Intercede solutions to protect themselves against data breaches, comply with regulations and ensure business continuity.