As we approach a fall semester that most probably is going to continue to be, at least in part, a virtual experience for many of us, there are many issues for information technology managers to consider. Cybersecurity is one of those.
Over the past few years, cybersecurity has become a prime concern at all levels of society, from small town municipalities to the development of cyberwarfare commands in all branches of the military. Passwords are quite literally the key to many IT systems.
Passwords have become longer. Eight to 10-character passwords are now the recommended standard, with a dozen character passwords common. Beyond an eight-character password, passwords that are simply longer are not necessarily better–although mathematically, yes, it will take a supercomputer a longer time to generate the password via a brute force attack. In fact, NIST states that in many cases a six-character digital password is acceptable.
End users are much more likely to need to write their passwords down as they increase in length–making physical discovery easier. I do hope the days of writing your password on a sticky note under your keyboard are over, but many users still need to write down a password when they are forced to change it regularly or follow arcane complexity rules.