Channel | Publish Date | Thumbnail & View Count | Download Video |
---|---|---|---|
Publish Date not found | 0 Views |
Using rules and guidelines from NIST, PCI DSS, UK NCSC, Microsoft, RedHAT and Google, I decipher the rules that help make passwords secure, or that foolishly make passwords less secure.
Learn the difference between minimum and maximum password lifetimes and why neither makes your password more secure.
Left:
NIST SP800-63B
https://pages.nist.gov/800-63-FAQ/
PCI-DSS
https://blog.rsisecurity.com/update-on-pci-dss-3-2-password-security-requirements/
UK National Cyber Security Centre
https://www.ncsc.gov.uk/collection/passwords
Microsoft (O365)
https://learn.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?viewo365-worldwide
RedHatLinux
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/security_guide/index
Google Bard
https://www.penguintutor.com/projects/googlebard
Chapter:
00:00 Password rules
01:08 Problems with passwords
02:34 Password attack vectors
03:34 Rules and guidelines
06:02 Password expiration
09:10 Minimum age for passwords (The stupid rule!)
11:05 Password complexity
13:03 Password length
15:35 Null/default passwords
16:33 Summary
More details:
https://penguinfortress.com/security/stupid-password-rules
Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.