Hacker News
- NIST 800-63B Digital Identity Guidelines https://pages.nist.gov/800-63-3/sp800-63b.html 7 comments
- Digital Identity Guidelines: Public Comment Period https://pages.nist.gov/800-63-3/ 64 comments
- New NIST password guidelines: don't require character types or rotation https://pages.nist.gov/800-63-3/sp800-63b.html#memorized-secret-verifiers 305 comments
- PSA: Password requirements now don't need complexity and rotation, just length (reminder for anyone not keeping up with NIST SP 800-63-3 current guidance) https://pages.nist.gov/800-63-3/sp800-63b.html 203 comments netsec
- Is NIST recommending a password hashing algorithm that the researchers themselves recommend against using? https://pages.nist.gov/800-63-3/sp800-63b.html 9 comments crypto
- NIST finalized four-volume SP 800-63 Digital Identity Guidelines https://pages.nist.gov/800-63-3/ 17 comments netsec
- NIST: No character requirements for passwords and no frequent password changes https://pages.nist.gov/800-63-3/sp800-63b.html#memorized-secret-verifiers 131 comments programming
- Malware, malicious charging stations, and rogue cell towers - Oh My! NIST releases the Mobile Threat Catalogue for public comment on Github. https://pages.nist.gov/mobile-threat-catalogue/ 6 comments netsec
- Newest NIST Draft on Authentication Guidelines deprecates 2-factor auth using SMS. https://pages.nist.gov/800-63-3/sp800-63b.html 14 comments netsec