Here is the text of the NIST SP 800-63B Digital Identity Guidelines.

  • subtext@lemmy.world
    1 month ago

    What is the first name of your first best friend?

    eoY&Z9m4LNRDY!Gzdd%q98LYiBi8Nq

    Oh old eoY&Z9m4LNRDY!Gzdd%q98LYiBi8Nq and I go way back! I met eoY&Z9m4LNRDY!Gzdd%q98LYiBi8Nq in Pre-K and we’ve been inseparable ever since.

    It is quite annoying if they’re a service that makes you read aloud your security questions to phone reps to prove your identity. One of my retirement accounts requires that and I have to sigh and read out the full string. I’ve changed it since to an all-lowercase, 20-digit string as a compromise.

    • NotMyOldRedditName@lemmy.world
      1 month ago

      20 character all lowercase is very secure as long as it’s random words / letters that would make it unguessable by knowing you.

      Edit: you could also prefix it if you think you’d have to read it

      “This question is stupid fuck nuts house gravel neptune cow.”
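
An added example, not part of the thread: a Python sketch of the trade-off discussed above, generating a random all-lowercase security answer, grouping it so it can be read aloud to a phone rep, and estimating its strength. The function names are hypothetical, and the entropy figures assume every character is drawn uniformly and independently.

```python
import math
import secrets
import string


def entropy_bits(length, alphabet_size):
    """Entropy in bits of `length` symbols drawn uniformly and independently."""
    return length * math.log2(alphabet_size)


def length_for_bits(target_bits, alphabet_size):
    """Shortest length whose entropy reaches target_bits for this alphabet."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def random_answer(length=20, alphabet=string.ascii_lowercase):
    """Build the answer from the OS CSPRNG; never derive it from personal facts."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def spoken_form(answer, group=4):
    """Split the answer into short groups that are easier to read aloud."""
    return " ".join(answer[i:i + group] for i in range(0, len(answer), group))


if __name__ == "__main__":
    answer = random_answer()
    print("store in password manager:", answer)
    print("read aloud as:            ", spoken_form(answer))
    # 20 random lowercase letters versus 30 characters from the 94
    # printable ASCII symbols (assumed alphabet for the longer string).
    print("20 lowercase: %.0f bits" % entropy_bits(20, 26))
    print("30 mixed:     %.0f bits" % entropy_bits(30, 94))
    # Lowercase letters needed to reach a 128-bit target.
    print("lowercase chars for 128 bits:", length_for_bits(128, 26))
```

The estimate only holds for machine-generated strings; words or letters a person picks themselves carry far less entropy than the formula suggests.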