Stay organized with collections
Save and categorize content based on your preferences.
This guide describes password guidance and recommendations for users of online
applications that require authentication. It establishes a set of user-focused
recommendations for creating and storing passwords, including balancing password
strength and usability. A related guide,
Modern password security for system designers,
offers guidance for the engineers who build online applications that require
authentication.
The technology world has been trying to improve on the password since the early
days of computing. Shared-knowledge authentication is problematic, because
information can fall into the wrong hands or be forgotten. The problem is
magnified by systems that don't support real-world secure use cases and by the
all-too-common decision of end users to take shortcuts.
Overview
This document outlines the following:
Trusted sources of thoughtful and researched information about password
security
Recommendations for end-user password hygiene
Common anti-patterns and myths around password security
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2019-09-24 UTC."],[],[],null,["# Modern password security for users\n\nThis guide describes password guidance and recommendations for users of online\napplications that require authentication. It establishes a set of user-focused\nrecommendations for creating and storing passwords, including balancing password\nstrength and usability. A related guide,\n[Modern password security for system designers](/solutions/modern-password-security-for-system-designers),\noffers guidance for the engineers who build online applications that require\nauthentication.\n\nThe technology world has been trying to improve on the password since the early\ndays of computing. Shared-knowledge authentication is problematic, because\ninformation can fall into the wrong hands or be forgotten. The problem is\nmagnified by systems that don't support real-world secure use cases and by the\nall-too-common decision of end users to take shortcuts.\n\nOverview\n--------\n\nThis document outlines the following:\n\n- Trusted sources of thoughtful and researched information about password security\n- Recommendations for end-user password hygiene\n- Common anti-patterns and myths around password security\n- Additional technologies to explore\n\nTo read the full white paper, click the button:\n\n[Download the PDF](/static/solutions/modern-password-security-for-users.pdf)"]]