Here is the text of the NIST sp800-63b Digital Identity Guidelines.

    • @[email protected]
      link
      fedilink
      English
      42 months ago

      I would always just create 1 password and append a number and it’s special char, cycling from 1 to 0; like 1!, 2@, 3#. Never stayed at a place long enough to go higher than 7 or 8.

      I never gave a fuck about doing this because it’s the companies fault for applying stupid policies. Whenever I’ve been allowed a password manager, they got real security instead of malicious compliance.

    • @[email protected]
      link
      fedilink
      English
      2
      edit-2
      2 months ago

      I feel like it’s not a big impact on security if I use 2fa anyway. (Base password)(month)(year) is fine for me 😅