A password policy designed for federal agencies must be secure, right? Surprisingly, that hasn’t been the case, according to the National Institute of Standards and Technology (NIST). The NIST created many of the password best practices you probably loathe — the combination of letters, numbers, and special characters — but it now says those guidelines were misguided and has changed its stance on the matter.

Cyber security is becoming more and more important in an increasingly digital age. While many people and businesses know how important their online security is, they may not know what types of online security are best, nor the differences between the most commonly available options.

Remember in 2012 when Dropbox’s data, which contained details of around two-thirds of its customers, were leaked? At the time, Dropbox reported that a collection of users’ email addresses had been stolen, but it wasn’t until recently that the company discovered that passwords had been stolen as well.

It’s been said so many times that many small business owners are likely to block it out, but the truth remains: cyber criminals target SMBs. Perhaps the reason for this ignorance is that when an SMB falls victim to an online attack, it’s not breaking news.