
Lead Image © berkay08, 123RF.com
Passwords, passphrases, and passkeys
Secret Symbols
The classic password has a long history and the terms, along with the times, are a-changing. At the end of the day, everyone still uses passwords, but the term passphrase, for example, describes a different way of creating and remembering them. After all, every attempt to access something starts with a secret that has to be resolved and handed over. One part of the puzzle is the username, which identifies the owner. Under normal circumstances, the owner should be the only person who has the key to access. When generating a password, the user faces two challenges: the need to generate a secure password, and the need to remember it.
Unrealistic Rulesets
Bill Burr wrote the official password guide for the U.S. National Institute of Standards and Technology (NIST). According to the guide, a password should comprise at least eight characters and be complex. It should contain upper- and lowercase letters, numbers, and nonstandard characters (i.e., three to four different types of characters ideally), and it should be changed regularly. Ideally, a password history will prevent previously used passwords being rehashed, or at least enforce a long wait before reuse.
Unfortunately, many things in this ruleset have been misinterpreted and, above all, users have found unplanned or unintended detours and shortcuts. When it comes to the length of the password, for example, the emphasis is on "at least" eight characters. This has led many users to view these eight characters as the maximum, and in many cases, IT departments fail to communicate the requirements clearly. Of course, a password can and should have more than eight characters.
In practice, passwords created according to the above-mentioned rules (e.g., dU7%9IL& ) that you are then forced to change every three months will quickly mutate to Summer25 , because it is complex according to the rules. Three out of
...Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
