Guess what? The guy who invented secure password standards nearly 15 years ago now admits that they’re basically useless. He is also very sorry. The man in question is Bill Burr, a former manager at the National Institute of Standards and Technology (NIST). In 2003, Burr drafted an eight-page guide on how to create secure passwords. This became the document that would go on to more or less dictate password requirements on everything from email accounts to login pages to your online banking portal.
Research now shows that longer passwords, a series of around four words, are ultimately harder to crack than shorter combinations of letters, characters, or numbers. The NIST now recommends using long, easy-to-remember passwords. For example, think of four completely unrelated words: ‘purple’, ‘fish’, ‘helicopter’, ‘okay’. If you put these words in a sequence – with or without spaces – this will make a pretty strong password, and for people to switch codes only if they suspect that their existing one has been stolen or compromised. In short, it’s probably time to change your password, and this time you might even remember it!
In short, it’s probably time to change your password, and this time you might even remember it!
Image source: http://www.lucidica.com