Passwords Evolved: Authentication Guidance for the Modern Era

https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/

Great read about security and passwords, summarizing bet practices we've known for a while now, but unfortunately too few enterprises already follow.

There's a lot more to how authentication has evolved than just the rise and rise of credential stuffing though, many other aspects of how we logon to systems has also changed. In some cases, this has led to once-held "truths" about how we create and manage accounts to be totally flipped on their head, yet we still see modern organisations applying the patterns of yesterday to the threats of today. This post sets out to address this gap and talk about how we should be designing this critical part of our systems today.

[…]

there are passwords like this:

The ❄️ 🌟 🔦 ⚪ on the mountain 🌙 🌠. 🙅🏻 a👣 to 🐝 👀. A 🏰 of 😢, and it 👀 like☝️️ the 👑. The 💨 is 🐺 like this 🌀 ❄️ ☔️ 🏠. 🙅🏻 keep it in, ☁️ 💡 ☝️️ tried.

If someone really wants to have a password that's an emoji representation of the first verse of "Let It Go" from Frozen, good on 'em!

👍🏻