Nist 800 Information Security Policies

Home - Nist 800 Information Security Policies

NIST-800-118 Guide to Enterprise Password Management

LogmeOnce adheres to government security standards. If you are a large business enterprise or a government agency, NIST 800-118 document is an excellent reference material to build your organization’s security policy. Please download NIST’s draft-sp800-118.pdf.

NIST 800 Information Security Policies

As stated by NIST 800 Series: Passwords are used in many ways to protect data, systems, and networks. For example, passwords are used to authenticate users of operating systems and applications such as email, labor recording, and remote access. Passwords are also used to protect files and other stored information, such as password-protecting a single compressed file, a cryptographic key, or an encrypted hard drive. In addition, passwords are often used in less visible ways; for example, a biometric device may generate a password based on a fingerprint scan, and that password is then used for authentication.

The purpose of NIST guides are to assist organizations in understanding common threats against their character-based passwords and how to mitigate those threats within the enterprise. LogmeOnce adheres to NIST guidelines. The information security policies addressed includes defining password policy requirements and selecting centralized and local password management solutions.

It is important to note, there are different forms of passwords. One is known as a personal identification number (PIN). A PIN is relatively short (usually 4 to 6 characters) and consists of only digits. Examples of PINs are “7352” and “832290”.

Another specialized form of password is known as a Passphrase. This is a relatively long password consisting of a series of words, such as a phrase or a full sentence. An example of a passphrase is “Iamdefinitelyyour#1fan”. The motivation for passphrases is that they can be longer than single-word passwords but easier to remember than a sequence of arbitrary letters, digits, and special characters, such as “72*^dSd!” or “C8ke2.e3:”. However, a simple passphrase such as “iloverocknroll” is predictable and therefore easier for an attacker to guess than “9j%a#F.0”, so a passphrase’s length alone does not make it stronger than other passwords. NIST 800 guidelines provides information security policies to assist in development of secure password and information systems.

LogMeOnce’s mission is to provide secure Single Sign-On (SSO) and mature Identity Management (IdM) with a fun and user-friendly dashboard facilitating easy and secure access to all of your accounts and applications.

Products

Consumer
Business / Enterprise
More Security Products
Download/Buy

How it Works

Support

Media Center

Partners

Company

Follow Us

LogMeOnce is a US based company, operating globally with offices in Washington DC, USA, and Barcelona, Spain. All other company, product , service names and trademarks used in this website are for identification purposes only, and are property of their respective owners . Use of these names, trademarks and brands does not imply endorsement.