The guy responsible for making passwords such a pain now says he was wrong

If you’ve ever wracked your brain trying to think up a password with the requisite mix of numbers, exclamation marks and other special characters, we’ve got news for you:

You’re doing it wrong. 

Mind you, it’s not your fault. Security best-practice guidelines going back more than a decade have recommended resetting passwords every 90 days and creating cryptic strings of characters, rather than easy-to-remember words, as the ideal password strategy. 

But according to a report in the Wall Street Journal on Monday, the person responsible for this has had a change of mind.  

“Much of what I did I now regret,” Bill Burr, the 72-year-old author of the annoyingly familiar password rules, told The Wall Street Journal.

Burr’s guidelines — first published in 2003 — suggested that to optimize security, passwords must be reset every 90 days, and contain a mix of an uppercase letter, number, and special character. Most passwords, by necessity, look something like this: Password1!. 

Burr told the Journal that most people make the same, predictable changes — such as switching from a 1 to a 2 — which makes it easy for hackers to guess. 

Now the National Institute of Standards and Technology has set new guidelines. Passwords should be long and easy to remember, and only need to be changed when there is a sign of a breach. Long passphrases work better because they can be very long and still easy to memorize.

While Burr’s candor is refreshing — considering all of the frustrating password reset emails he’s inadvertently responsible for — he’s not the first person to discredit the 2003 guidelines.

Last August, the Federal Trade Commission’s chief technologist, Lorrie Cranor, busted the myth, telling a security conference essentially the same thing: periodic changes make passwords less secure. 

Long live the universal password! 

The guy responsible for making passwords such a pain now says he was wrong syndicated from https://injuryhelpnowcom.blogspot.com
