The National Institute of Standards and Technology (NIST) once said that a good password consisted of three things: upper- and lowercase letter, numbers, and symbols. However, the NIST recently reversed its stance on good passwords. Here’s why and what they are now recommending.

A password policy designed for federal agencies must be secure, right? Surprisingly, that hasn’t been the case, according to the National Institute of Standards and Technology (NIST). The NIST created many of the password best practices you probably loathe — the combination of letters, numbers, and special characters — but it now says those guidelines […]

Avoiding malware and online scams takes a lot of work. You have to treat every email with suspicion, manage a long list of convoluted passwords, and avoid public WiFi networks. Ideally, you follow several other cybersecurity best practices, but many users don’t believe they’re worth the time.

Critical Android security issues have become somewhat of the norm in recent months. Hackers are developing a record number of cyberattacks that could compromise your mobile operating system and they’re having more success than ever before. But there are some things you can do to tighten up your Android security, and most of the features […]

Passwords are your first line of defense against hackers. But over the years, they have developed plenty of methods to steal them. To gain a deeper understanding of how cybercriminals operate, Google analyzed the causes of leaked login credentials. Here are the results.

In 2003, a manager at the National Institute of Standards and Technology (NIST) authored a document on password best practices for businesses, federal agencies, and academic institutions. Now retired, the author admits that his document was misguided. Find out why and what great passwords are made of.

With more than 100 million monthly active subscribers, Office 365 has attracted the attention of hackers who’ve revamped an age-old trick. This time, they come up with a highly targeted, well-crafted spear-phishing scam that’s even more difficult to identify.