Print
In the summer of 2016, the National Institute of Standards and Technology (NIST) published new draft guidelines that proposed sweeping changes to traditional security models and best practices. Finalized in the summer of 2017, the new NIST guidelines upended several historical approaches to authentication. Security questions are no longer considered secure. Mandatory periodic password changes can weaken security. Special characters can make passwords harder for users to remember and easier for hackers to guess. Is the three-attempt lockout policy even necessary? Regulators defer to NIST standards. Therefore, financial institutions must prepare for shifts in authentication and security compliance by fundamentally recalibrating the balance between digital security and user experience.
For more information or to register CLICK HERE