The National Institute of Standards and Technology (NIST) has issued a big update to Special Publication 800-63, its Digital Authentication Guideline, reports Federal News Radio.
Speaking at the Symantec Government Symposium in Washington this week, NIST National Strategy for Trusted Identities in Cyberspace Deputy Director Michael Garcia reflected on NIST’s evolution over the last ten years, pointing out that it “changed the name from electronic authentication to digital authentication guidance, which in itself indicates that we’re a little bit smarter about this” than the organization was a decade ago.
Of course, there have been some more substantial advancements, too, with Garcia outlining that his organization’s emphasis is now on outcomes rather than specific guidelines. That should help its standards to keep pace with the rapid changes in technology by allowing organizations to find their own pathways to strong authentication goals.
Garcia’s comments come as NIST seeks public comment on its preview of the Digital Authentication Guideline. It has already generated considerable discussion by suggesting that SMS OTP should be considered a ‘deprecated’ authentication mechanism, but of course this is all healthy debate as various US government authorities seek stronger digital security solutions as newer technologies like biometrics help to push archaic password-based systems into irrelevance.
Source: Federal News Radio
–
August 31, 2016 – by Alex Perala
Follow Us