February 8, 2020
New cybersecurity breaches seem to be an almost weekly occurrence lately and more than 14 million Americans a year become victims of identity theft, according to the latest estimates. Yet consumers continue to leave themselves vulnerable to fraudsters eager to nab their personal data. The culprit: the highly predictable passwords, PINs and other log-ins they use for their online accounts.
That’s why the National Institute of Science and Technology (NIST) has dropped the advice about having a complex mix of characters from its safety guidelines. Its latest recommendation instead: Think of a password more as a passphrase, says Curtis Dukes, executive vice president of the Center for Internet Security.