Skip to content
Search

Latest Stories

Add Upworthy to your Google News feed.
Google News Button

For years, we've been told that long, complicated passwords—filled with random letters, numbers, and special characters—are the key to keeping our accounts secure. But new guidelines from the U.S. National Institute of Standards and Technology (NIST) suggest that this approach is outdated—and may actually make you less safe.

Instead of hard-to-remember combinations, experts now recommend using simpler, more memorable passwords that don’t require frequent changes, according to QBE European Operations.


media1.tenor.com

Why complicated passwords are no longer the best defense

For decades, security policies have pushed users to create unique passwords and update them regularly—often every 60 to 90 days. But according to NIST’s updated SP 800-63-4 guidelines, this method is no longer considered best practice, reported Sprinto.

Instead, NIST suggests:
Updating passwords only when necessary (such as after a security breach).
Avoiding frequent password resets unless there's evidence of compromise.
Focusing on length rather than complexity—long, memorable phrases are better than short, difficult-to-remember ones.

Representative Image Source: Pexels | Mikhail Nilov

The hidden dangers of overly complex passwords

When passwords become too difficult to remember, people tend to:
🔹 Write them down on sticky notes or in their phone’s notes app.
🔹 Reuse them across multiple sites.
🔹 Store them in browsers or password managers, which can become security risks themselves.

"If a password is too complicated, users are more likely to store it somewhere unsafe," NIST notes.

Hackers often exploit this by targeting saved credentials, making overly complex passwords a liability rather than a strength.


What makes a strong password today?

Instead of complex combinations like Xf9#jS*2!, NIST now recommends using:
A short sentence or a string of random words (e.g., "BlueElephantSky99")
Passwords between 8 and 15 characters
Minimal use of special characters or uppercase letters

NIST’s research found that longer, simple passwords are harder for attackers to guess than shorter, overly complex ones.

Representative Image Source: Pexels | Tima Miroshnichenko

What about businesses requiring frequent password changes?

Many organizations still require employees to update their passwords every few months. However, NIST’s Digital Identity Guidelines state that these frequent resets are unnecessary and ineffective.

"The latest changes incorporate real-world security risks and acknowledge that forced password changes do not significantly improve security," NIST explains.

Instead, the agency urges businesses to:
Allow employees to keep passwords longer unless a breach is suspected.
Encourage passphrases instead of short, complicated passwords.
Implement two-factor authentication (2FA) for added protection.

media.giphy.com

Should you change your password habits?

NIST’s updated guidance challenges traditional cybersecurity rules, but its recommendations are based on real-world data from compromised password databases.

As cyber threats continue to evolve, security experts agree:
Password complexity is less important than length.
Frequent password resets are unnecessary.
Memorable passphrases are better than random characters.

If your workplace or online accounts still enforce outdated password policies, it may be time to push for updated security measures that align with the latest research.

More For You

For 27 years, she photographed her parents waving goodbye. The final shot is heartbreaking.
Representative image by Canva

For 27 years, she photographed her parents waving goodbye. The final shot is heartbreaking.

Saying goodbye to loved ones can be a tender, bittersweet ritual, especially when those goodbyes accumulate over decades. For photographer Deanna Dikeman—known on Instagram as @deannadikeman—documenting these moments became a powerful, long-term project. Over 27 years, she snapped photos of her parents waving farewell in their driveway, culminating in one final image that feels like a punch to the gut.

A 27-year tradition
What began in 1991 as a casual snapshot turned into an ongoing series Dikeman informally called “Leaving and Waving.” Every time she left her parents’ home, she would pause to capture them standing in the driveway, hands raised in a goodbye wave. In an Instagram post shared by @the.pinklemonade, her images spanned from the early ‘90s until October 2017. The collection is currently on display at Réseau L U X (@reseau_lux) in Paris.

Keep ReadingShow less
A basement under construction.

Representative image - These days the choice between a place of your own and a basement custom built for you by mom is pretty easy.

Photo by Cal David

Mom's basement makeover gives her daughters a rent-free start in life

How children leave the home varies across generations, cultures and even individual families. For some, turning 18 marks a race toward independence, while others linger in the nest until they're pushed out with a “good luck” and a swift kick in the rump. In today’s world of skyrocketing housing costs, however, many families are rethinking these norms, choosing support over separation.

One TikTok mom, @lxxndaa_, is breaking the mold by giving her daughters a head start—rent-free. In a viral video, she shared how she transformed her basement into a fully equipped apartment for her daughters. This move has earned her widespread admiration and over 16.6 million views.

Keep ReadingShow less
Widow refused to share inheritance as teen stepdaughter faces homelessness—backlash erupts
Representative Cover Image Source: Pexels | Mikhail Nilov; Reddit | u/Spiritual_Alps3413

Widow refused to share inheritance as teen stepdaughter faces homelessness—backlash erupts

Inheritance disputes often lead to heated debates, especially when a family is divided. One woman recently sparked outrage after revealing that she inherited her late husband’s entire estate—nearly a million dollars—without leaving anything for his 16-year-old daughter from a previous relationship.

Posting on Reddit as u/Spiritual_Alps3413, the widow asked if she was wrong for keeping everything while her stepdaughter and her mother struggled to survive.

Keep ReadingShow less
Chris Hemsworth's response to his daughter's big question deserves applause

Chris explains what happened.

Image from ellentube/YouTube video.

Chris Hemsworth's response to his daughter's big question deserves applause

Chris Hemsworth might be best known for swinging a hammer as the Norse god of thunder in “Thor: Ragnarok,” but when it comes to being a dad, he’s just as legendary. The 35-year-old actor and father-of-three had a standout parenting moment that proves he’s more than just a superhero on screen.

It started with a curious question from his daughter

In a 2015 appearance on The Ellen DeGeneres Show, Hemsworth shared a story that starts with his daughter, 4-year-old India, having a very specific question about anatomy—and ends with a beautiful message about identity and acceptance.

Keep ReadingShow less