Skip to content
Search

Latest Stories

Add Upworthy to your Google News feed.
Google News Button

For years, we've been told that long, complicated passwords—filled with random letters, numbers, and special characters—are the key to keeping our accounts secure. But new guidelines from the U.S. National Institute of Standards and Technology (NIST) suggest that this approach is outdated—and may actually make you less safe.

Instead of hard-to-remember combinations, experts now recommend using simpler, more memorable passwords that don’t require frequent changes, according to QBE European Operations.


media1.tenor.com

Why complicated passwords are no longer the best defense

For decades, security policies have pushed users to create unique passwords and update them regularly—often every 60 to 90 days. But according to NIST’s updated SP 800-63-4 guidelines, this method is no longer considered best practice, reported Sprinto. 

Instead, NIST suggests:
Updating passwords only when necessary (such as after a security breach).
Avoiding frequent password resets unless there's evidence of compromise.
Focusing on length rather than complexity—long, memorable phrases are better than short, difficult-to-remember ones.

Representative Image Source: Pexels | Mikhail Nilov

The hidden dangers of overly complex passwords

When passwords become too difficult to remember, people tend to:
🔹 Write them down on sticky notes or in their phone’s notes app.
🔹 Reuse them across multiple sites.
🔹 Store them in browsers or password managers, which can become security risks themselves.

"If a password is too complicated, users are more likely to store it somewhere unsafe," NIST notes.

Hackers often exploit this by targeting saved credentials, making overly complex passwords a liability rather than a strength.


What makes a strong password today?

Instead of complex combinations like Xf9#jS*2!, NIST now recommends using:
A short sentence or a string of random words (e.g., "BlueElephantSky99")
Passwords between 8 and 15 characters
Minimal use of special characters or uppercase letters

NIST’s research found that longer, simple passwords are harder for attackers to guess than shorter, overly complex ones.

Representative Image Source: Pexels | Tima Miroshnichenko

What about businesses requiring frequent password changes?

Many organizations still require employees to update their passwords every few months. However, NIST’s Digital Identity Guidelines state that these frequent resets are unnecessary and ineffective.

"The latest changes incorporate real-world security risks and acknowledge that forced password changes do not significantly improve security," NIST explains.

Instead, the agency urges businesses to:
Allow employees to keep passwords longer unless a breach is suspected.
Encourage passphrases instead of short, complicated passwords.
Implement two-factor authentication (2FA) for added protection.

media.giphy.com

Should you change your password habits?

NIST’s updated guidance challenges traditional cybersecurity rules, but its recommendations are based on real-world data from compromised password databases.

As cyber threats continue to evolve, security experts agree:
Password complexity is less important than length.
Frequent password resets are unnecessary.
Memorable passphrases are better than random characters.

If your workplace or online accounts still enforce outdated password policies, it may be time to push for updated security measures that align with the latest research.

More For You

A man and woman kissing in the kitchen

Welcome to the "Boy and Girl apartment" trend

Unsplash

Women living in beautiful apartments share their secrets to co-habitating with a boyfriend

Blending styles can be difficult. Naturally, when two or more people are brought together, their visions aren’t always going to mesh. Like getting a haircut then realizing, after they spin you around for the big reveal, that your barber actually didn’t “totally get” the inspiration photo you brought in. Or teaming up with some friends for a group project in school who you didn't realize were petrified of public speaking. Or, take One Direction for example. Five solo singers who at didn't get along at all at first, brought together only after Simon Cowell corralled them all into a boy band.


Keep ReadingShow less
airport, flying, airport travel
person standing with holding luggage bag

Psychologist reveals exactly why everyone acts weird at airports

Fewer places bring out weirder human behavior than airports. Sleeping on floors? Acceptable. Paying $8 for a bag of chips? Acceptable. And 9 a.m. beers? Totally acceptable. Time (and personal space) seems to suspend itself when you're traveling in them. And psychologist Steve Taylor, a Senior Psychology Lecturer at Leeds Beckett University, explained exactly why everything and everyone feels so weird when you're in an airport with The Conversation.

Simply put: airports cause disorientation. "Due to the haziness of time and place, airports create a sense of disorientation," he explains. "We define ourselves in terms of time and place. We know who we are in relation to our daily routines and our familiar environments. We also define ourselves in terms of nationality. Without such markers, we may feel adrift."

Keep ReadingShow less
10-year-old violin prodigy stuns airport travelers with flawless Vivaldi duet
Representative photo by Canva

10-year-old violin prodigy stuns airport travelers with flawless Vivaldi duet

A beautiful blend of talent, courage, and classical music left Rome Airport travelers in awe when a 10-year-old violin prodigy, Yeonah Kim (@yeonah_kim_violin on Instagram), performed an impromptu duet with pianist Julien Cohen. The duo’s breathtaking rendition of Vivaldi’s “Summer” turned the airport’s Terminal 1 into an unexpected concert hall, captivating both onlookers and millions of viewers online.

  Representative photo by Sebastian Mark | Unsplash 

Keep ReadingShow less
Screenshot from Madeline Delp's TikTok video

Madeline Delp records her encounter with a parking attendant.

TikTok | @madelinedelp

Woman chased down over disabled parking spot despite being completely within her rights

A woman using a wheelchair was left shaken after a parking attendant chased her downhill and berated her for parking in a disabled spot—despite her having every legal right to do so. Madeline Delp (@madelinedelp on TikTok) shared the unsettling experience in a series of videos, sparking outrage and support from viewers.

Delp had parked in a wheelchair-accessible spot near a business complex before heading to a doctor's appointment. However, as she made her way down a hill, a parking attendant aggressively pursued her, accusing her of misusing the spot.

Keep ReadingShow less
She noticed something odd in a news photo—25 years after her brother vanished
Representative image via Canva

She noticed something odd in a news photo—25 years after her brother vanished

When someone close suddenly disappears, their family clings fiercely to hope—even if the search stretches across decades. A woman who had spent years desperately searching for her younger brother, Tommy, discovered an astonishing lead after 25 years of uncertainty. Ahead of Thanksgiving, a seemingly ordinary detail in an online news story changed their lives forever.

For decades, the sister had carried deep sadness about Tommy’s disappearance in 1999. According to CNN, Tommy had vanished along with his vehicle without leaving any trace. Over the years, she anxiously scoured reports of unidentified remains, fearing the worst. However, her fortunes changed dramatically after coming across an article in USA Today, which featured a hospitalized man whose identity was unknown, as he could neither speak nor communicate effectively.

Keep ReadingShow less