Updated NIST password guidelines — what do you think of the recommendation to include emojis as acceptable characters?

Identity & Access Management (IAM)Security Frameworks (NIST, CIS, CSF)

Very positive – Offers more flexibility & personalization19%

Somewhat positive – Could enhance security if used correctly48%

Neutral – I doubt it will significantly impact security25%

Somewhat negative – May lead to predictable patterns7%

Very negative – Complicates password creation without much benefit

67 PARTICIPANTS

322 views1 Comment

Sort by:

VP & CISO in Healthcare and Biotecha month ago

Most users want to logon quickly. Finding emojis when having to enter passwords is going to take longer to logon, especially when you logon from a platform that doesn't make it easy to find them.

Content you might like

In most enterprises, non-human identities (API keys, service accounts, tokens, and certificates) outnumber human identities by 25–50x. Recent Gartner research identifies unmanaged machine identities as a critical blind spot in Zero-Trust architectures and cloud security frameworks. Where does your organization currently stand in terms of machine identity governance implementation?

Comprehensive program deployed (full lifecycle management, automated rotation, continuous monitoring)

Initial implementation underway (discovery and vaulting completed, governance framework maturing)83%

Strategic planning phase (implementation scheduled within the next 12 months)17%

Assessment stage (evaluating business case and organizational requirements)

View Results

Has anyone used CMMI Cybermaturity framework to benchmark or improve Cybersecurity maturity? I believe it is suitable to large organizations and not small or medium ones. It also needs a lot of time in order to show improvements, do you agree?

Updated NIST password guidelines — what do you think of the recommendation to include emojis as acceptable characters?

Sort by:

Content you might like

Has anyone used CMMI Cybermaturity framework to benchmark or improve Cybersecurity maturity? I believe it is suitable to large organizations and not small or medium ones. It also needs a lot of time in order to show improvements, do you agree?

Is your organization using encryption extensively?

What’s your “hot take” when it comes to security questionnaires?

What are the main 10 features requested in a GRC platform?

What sets us apart?

Take Your Insights On-the-Go