Please choose your password. I’m sorry, please choose a password with a capital letter. Sorry, please use a password with at least 8 characters. I’m sorry, please use a special character in your password. I’m sorry, your details have timed out. Please try again.
Yes, creating a password can be a headache. Even the person who created the system in which the passwords were based has finally admitted, it’s awful and he’s very, very 50rry.
In 2003 Bill Burr was your average kinda guy. Had a steady job in security. All was well. Then one fateful day, the US National Institute of Standards and Technology approached Bill. They were concerned that there was no real ‘rules’ regarding passwords for anyone to follow and enquired if he would be interested in making some.
Little did Bill Burr know how his advice would lead to misery throughout the world!
In fairness to Bill Burr, he probably didn’t really know what he was doing at the time. I’m not of course saying that he didn’t know about security, he clearly did, but I don’t think he probably understood the nature of the beast he was dealing with.
Speaking via Yahoo News, Bill Burr has said he now regrets: “much of what I did. It just drives people bananas and they don’t pick good passwords no matter what you do.”
If you want to know what are the 25 WORST passwords you could have, check out our article here!
In his original guidelines, Mr Burr suggested that all passwords should be a minimum of 8 characters, should include 1 uppercase letter, should include 1 numeral, should include a special character (such as an exclamation point or bracket) and most annoyingly, he recommended that the password ideally should be changed every 3 months.
Sounds simply right? No? Well even Mr Burr agrees these days saying that it is: “probably too complicated for a lot of folks to understand very well, and the truth is, it was barking up the wrong tree.”
Out of all of this, Mr Burr has said he regrets the advice regarding the regularity of change.
He has since said that changing your password regularly has little to no affect on the likelihood of being compromised. It simply all comes down to a case of picking a quality password in the first instance.
Only one way to find out. Post it in the comments and we’ll let you know.
On a serious note though, the real message Bill Burr wants to get across here is that his guidelines could have been a lot clearer. This in turn would have helped companies make their standards a lot more achievable. Research suggests that of all passwords used, around 70% of them are pretty poor. Speaking from personal experience, I detest Apple’s password security. It once took me nearly 20 minutes to set a password much to the amusement of my colleagues who found my 4 letter tirade against the company quite hilarious.
Therefore, the short version is, keep your passwords long and keep it different. The crazier the better. As for Bill Burr? I forgive him… just.
According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…
A new AMD processor in the form of an engineering model has been leaked in…
SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…
SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…
Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…
Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…