NIST 800-63B

The United States doesn’t have a singular law that covers the privacy of all types of data. Instead, it has a mix of laws that depends on the state and industry. While it might be not required at this moment its still good to be complied with a NIST Special Publication 800-63B and follow guidelines for:

New Password Creation
User Authentication Flow
Credentials Storage Recommendations
Breached Password Protection
Limit Login Attempts
Allow Multi-Factor Authentication
Do not use SMS for authentication
Do not sacrefice UX in favor of security

Source: NIST Special Publication 800-63B

Compliance with Cybersecurity Regulations
Cybersecurity Threats
Handling Sensitive Investor Data
NIST 800-53
Platform Vulnerabilities
SEC CYBERSECURITY RISK MANAGEMENT
Third-Party Data Sharing
Transaction Security

NIST 800-63B

Related pages