Preston and I discussed the new NIST password guidelines with our regular guest, Richard Henderson of Absolute. In this podcast, we cover the guidelines and what they might mean to you, especially if you’re a web application developer. If you’re not a developer, you might still have an opinion as a user. The new guidelines are a very positive step forward for government agencies and for private ones as well. Password security has been taken for granted for too long but can no longer be ignored. Security experts can spout all the best practices that they can think of but those best practices are only good if they’re put into practice.
We also discuss the costs that might arise from retrofitting current applications vs. tackling the problem from the beginning. Richard has some very important insights to consider when going forward with these guidelines.
Length: 28:20 minutes. Format: MP3. Rating: G for all audiences.