Your passwords may soon get a lot longer, but they’ll be much easier to remember

The days of over-complicated, hard-to-remember passwords may soon be over.

In its new Digital Identity Guidelines, the US National Institute of Standards and Technology (NIST) is calling for the elimination of dated standards, such as requiring people to frequently change their passwords or mandating that they use particular types of characters. The guidelines, which are in the process of final edits, help set the standard for both governments and businesses. 

password login screenScreenshotBecause humans only have a limited ability to memorize complicated strings of characters, they usually come up with ones that can be guessed easily, NIST noted in the new guidelines. In response, online services have forced users to come up with increasingly complex passwords. 

“[They] require the user to choose passwords constructed using a mix of character types, such as at least one digit, uppercase letter, and symbol,” NIST writes. “However, analyses of breached password databases reveals that the benefit of such rules is not nearly as significant as initially thought, although the impact on usability and memorability is severe.” 

In other words, previous guidelines have resulted in passwords that are harder for humans to remember while making them no more difficult for computers to guess.

These antiquated guidelines have led to the rise of password management services, such as LastPass and 1Password, which keep track of users’ passwords so they don’t have to struggle to remember them. 

NIST’s new guidelines call for an end to the special character requirements, and will instead urge online services to allow for longer passwords — up to 64 characters — that can include spaces. Random strings of words are easier for humans to recall but more difficult for computers to guess.  

The new guidelines also call for an end to periodic password changes, as users who are forced to switch their passwords generally end up selecting simple ones that are easier to remember. 

When the final standards are published they will apply only to government agencies and contractors, according to a report in Quartz. But they’ll likely be widely adopted in the private sector, the report noted. 

NOW WATCH: The newest flying car is backed by Larry Page — and you can buy it by the end of the year

Feedburner

Post Author: martin

Martin is an enthusiastic programmer, a webdeveloper and a young entrepreneur. He is intereted into computers for a long time. In the age of 10 he has programmed his first website and since then he has been working on web technologies until now. He is the Founder and Editor-in-Chief of BriefNews.eu and PCHealthBoost.info Online Magazines. His colleagues appreciate him as a passionate workhorse, a fan of new technologies, an eternal optimist and a dreamer, but especially the soul of the team for whom he can do anything in the world.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.