[OWASP-Philadelphia] NIST SP-800-63-3 feedback

Jay Simoni jay_simoni at hotmail.com
Tue Oct 3 15:44:13 UTC 2017


I'm interested in how have you seen the NIST SP-800-63-3 (https://pages.nist.gov/800-63-3/) guidelines being received?  Particularly regarding authentication and the simplification of passwords & the use of MFA?

I’m wondering if your companies have begun to adopt these new guidelines?  Or at least considering implementing them seeing that they are only 3 months old….

I’m starting the internal conversations at my company (an ISV that primarily services the financial services industry) to adopt them both for ourselves & our employees/contractors as well as for the users of our web applications we develop and I’m trying to get a sense of how these guidelines are being received in the global security community.

Thanks in advance for your feedback.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-philadelphia/attachments/20171003/836e72a9/attachment.html>

More information about the OWASP-Philadelphia mailing list